<!doctype html public "-//W3C//DTD W3 HTML//EN">
<html><head><style type="text/css"><!--
blockquote, dl, ul, ol, li { padding-top: 0 ; padding-bottom: 0 }
--></style><title>another serious Windows security
flaw</title></head><body>
<div><tt><font color="#000000">typing happily away on my
Mac,</font></tt></div>
<div><tt><font color="#000000"><br></font></tt></div>
<div><tt><font color="#000000">Mark Solomon</font></tt></div>
<div><tt><font color="#000000">********</font></tt></div>
<div><tt><font color="#000000">Windows Security Flaw Is 'Severe'<br>
PCs Vulnerable to Spyware, Viruses<br>
<br>
By Brian Krebs<br>
Special to The Washington Post<br>
Friday, December 30, 2005; D01<br>
<br>
A previously unknown flaw in Microsoft Corp.'s Windows operating
system is leaving computer users vulnerable to spyware, viruses and
other programs that could overtake their machines and has sent the
company scrambling to come up with a fix.<br>
<br>
Microsoft said in a statement yesterday that it is investigating the
vulnerability and plans to issue a software patch to fix the problem.
The company could not say how soon that patch would be available.<br>
<br>
Mike Reavey, operations manager for Microsoft's Security Response
Center, called the flaw "a very serious issue."<br>
<br>
Security researchers revealed the flaw on Tuesday and posted
instructions online that showed how would-be attackers could exploit
the flaw. Within hours, computer virus and spyware authors were using
the flaw to distribute malicious programs that could allow them to
take over and remotely control afflicted computers.<br>
<br>
Unlike with previously revealed vulnerabilities, computers can be
infected simply by visiting one of the Web sites or viewing an
infected image in an e-mail through the preview pane in older versions
of Microsoft Outlook, even if users did not click on anything or open
any files. Operating system versions ranging from the current Windows
XP to Windows 98 are affected.<br>
<br>
An estimated 90 percent of personal computers run on Microsoft Windows
operating systems. Microsoft has found itself under attack on several
instances and has been forced to issue a number of patches to keep
computers running Windows safe. Mac and Linux computer users are not
at risk with this attack, even if their computers run Microsoft
programs such as Office or the Internet Explorer Web browser.<br>
<br>
Reavey encouraged users to update their anti-virus software, ensure
all Windows security patches are installed, avoid visiting unfamiliar
Web sites, and refrain from clicking on links that arrive via e-mail
or instant message.<br>
<br>
"The problem with this attack is that it is so hard to defend
against for the average user," said Johannes Ullrich, chief
research officer for the SANS Internet Storm Center in Bethesda.<br>
<br>
At first, the vulnerability was exploited by just a few dozen Web
sites. Programming code embedded in these pages would install a
program that warned victims their machines were infested with spyware,
then prompted them to pay $40 to remove the supposed pests.<br>
<br>
Since then, however, hundreds of sites have begun using the flaw to
install a broad range of malicious software. SANS has received several
reports of attackers blasting out spam e-mails containing links that
lead to malicious sites exploiting the new flaw, Ullrich said.<br>
<br>
Dean Turner, a senior manager at anti-virus firm Symantec Corp. of
Cupertino, Calif., said the company has seen the vulnerability
exploited to install software that intercepts personal and financial
information when users of infected computers enter the data at certain
banking or e-commerce sites.<br>
<br>
Eric Sites, vice president of research and development for
anti-spyware firm Sunbelt Software, said he has spotted spyware being
downloaded to a user's machine by online banner advertisements.<br>
<br>
"Pretty much all of the spyware guys who normally use other
techniques for pushing this stuff down to your machine are now picking
this exploit up," Sites said.<br>
<br>
Because the vulnerability exists within a faulty Windows component,
security experts warn that Windows users who eschew Internet Explorer
in favor of alternative Web browsers, such as older versions of
Firefox and Opera, can still get their PCs infected if they agree to
download a file from a site taking advantage of the flaw.<br>
<br>
Richard M. Smith, a Boston security and privacy consultant, said he
was particularly worried that the vulnerability could soon be used to
power a fast-spreading e-mail worm.</font></tt></div>
<div><tt><font color="#000000"><br>
"We could see the mother of all worms here," Smith said.
"My big fear is we're going to wake up in the next week or two
and have people warning users not to read their e-mail because
something is going around that's extremely virulent."<br>
<br>
<i>Brian Krebs is a washingtonpost.com reporter.</i></font></tt></div>
<div><tt><font color="#000000">© 2005 The Washington Post
Company</font></tt></div>
</body>
</html>