From China With Love: Over 100 Webpages Used to Infect Users

Web Security : From China With Love: Over 100 Webpages Used to Infect Users

Posted by Max on 2009/7/13 12:00:35 (526 reads)

PandaLabs, Panda Security's malware analysis and detection laboratory has detected over one hundred Web pages, mainly hosted in China, modified to infect users by exploiting an unpatched Microsoft vulnerability. Users of Panda Security are protected against this threat thanks to TruPrevent proactive Technologies.

The vulnerability lies in the Microsoft Video ActiveX control component and mainly affects users of Internet Explorer 7 on Windows XP. Microsoft hasn't yet released an official patch for this vulnerability, so users could be infected even though they have all previous security patches installed.

Microsoft has published a workaround for this flaw on its website: . PandaLabs advises users to keep an eye out for security fixes released by Microsoft to patch their systems against this vulnerability as soon as possible.

Through this exploit, several malware samples can be distributed. PandaLabs has found one sample which has been distributed via the Lineage.LAC. A Trojan Horse, which steals information and uses rootkit techniques.

"The real danger of this vulnerability lies in the fact that any user could be infected, despite having their operating system completely up-to-date," explains Luis Corrons, Technical Director of PandaLabs. "They just have to visit an infected Web page, even a legitimate one, to fall victim to the infection. Thanks to our proactive technologies, users can surf the Web safely, without fear of becoming infected."

Panda Security's laboratory is monitoring this vulnerability very closely. For more information about this infection, go to the PandaLabs blog: www.pandalabs.com

About PandaLabs
Since 1990, its mission has been to detect and eliminate new threats as rapidly as possible to offer our clients maximum security. To do so, PandaLabs has an innovative automated system that analyzes and classifies thousands of new samples a day and returns automatic verdicts (malware or goodware). This system is the basis of collective intelligence, Panda Security's new security model which can even detect malware that has evaded other security solutions.

Previous article - Next article

Other articles
2009/11/3 14:55:39 - BitDefender Top Ten Malware Threats for October 09
2009/11/3 14:29:38 - Nov. 09 Microsoft Security Intelligence Report
2009/10/7 15:19:17 - StopSign AntiVirus and Anti-Malware is Windows 7 Compatible
2009/10/7 15:11:26 - New Outlook Backup and Migration Software By Disk Doctors
2009/9/30 4:20:57 - Microsoft Security Essentials, FREE Security Tool Just Released
2009/9/28 14:31:52 - New Rogue Antispyware Cloaked To Infects Computers
2009/9/9 4:31:49 - Trend Micro Proves Leadership in URL Filtering and Web Security
2009/9/9 4:16:20 - New Free Tool to Clean Conficker Once and For All
2009/9/1 8:37:11 - Kaspersky Internet Security 2010 and Kaspersky Anti-Virus 2010 Out Now
2009/9/1 7:54:50 - NEW P2P Advertising Network Protects Users Against Lawsuits And Identity Theft

The comments are owned by the poster. We aren't responsible for their content.