Guru3D.com
  • HOME
  • NEWS
    • Channels
    • Archive
  • DOWNLOADS
    • New Downloads
    • Categories
    • Archive
  • GAME REVIEWS
  • ARTICLES
    • Rig of the Month
    • Join ROTM
    • PC Buyers Guide
    • Guru3D VGA Charts
    • Editorials
    • Dated content
  • HARDWARE REVIEWS
    • Videocards
    • Processors
    • Audio
    • Motherboards
    • Memory and Flash
    • SSD Storage
    • Chassis
    • Media Players
    • Power Supply
    • Laptop and Mobile
    • Smartphone
    • Networking
    • Keyboard Mouse
    • Cooling
    • Search articles
    • Knowledgebase
    • More Categories
  • FORUMS
  • NEWSLETTER
  • CONTACT

New Reviews
G.Skill TridentZ 5 RGB 6800 MHz CL34 DDR5 review
Be Quiet! Dark Power 13 - 1000W PSU Review
Palit GeForce RTX 4080 GamingPRO OC review
Core i9 13900K DDR5 7200 MHz (+memory scaling) review
Seasonic Prime Titanium TX-1300 (1300W PSU) review
F1 2022: PC graphics performance benchmark review
MSI Clutch GM31 Lightweight​ (+Wireless) mice review
AMD Ryzen 9 7900 processor review
AMD Ryzen 7 7700 processor review
AMD Ryzen 5 7600 processor review

New Downloads
CPU-Z download v2.04
Intel ARC graphics Driver Download Version: 31.0.101.4090
AMD Radeon Software Adrenalin 23.1.2 (RX 7900) download
GeForce 528.24 WHQL driver download
Display Driver Uninstaller Download version 18.0.6.0
Download Intel network driver package 27.8
ReShade download v5.6.0
Media Player Classic - Home Cinema v2.0.0 Download
HWiNFO Download v7.36
MSI Afterburner 4.6.5 (Beta 4) Download


New Forum Topics
Info Zone - gEngines, Ray Tracing, DLSS, DLAA, TSR, FSR, XeSS, DLDSR etc. RTX 4090 Owner's thread Export and Share curve OC profiles for MSI AB (suggestion) AMD Polaris (RX 400/500) users unable to play Forspoken Corsair 10GB/s MP700 PCIe Gen5 SSD got unveiled, but quickly gets hidden Seagate will release 22TB and 24TB hard disk drives, and in Q3, HAMR HDD with 30TB or more Whoops?: Cablemod 12VHPWR cable also melts Amernime Zone AMD Software: Adrenalin / Pro Driver - Release Discovery 22.12.2 WHQL Forspoken implements Microsoft's DirectStorage API, offers faster load times but lowers frame rate AMD Software: Adrenalin Edition 22.11.2 - Driver download and discussion




Guru3D.com » News » New Exploit Targets IE7 Bug

New Exploit Targets IE7 Bug

by Hilbert Hagedoorn on: 02/19/2009 12:05 PM | source: | 0 comment(s)

We can;t say this enough, keep pathing up. It's a vicious cyberworld out there.

Cybercriminals are actively exploiting a critical vulnerability in Internet Explorer 7, which arises from the browser's improper handling of errors when attempting to access deleted objects. This vulnerability allows remote attackers to execute arbitrary codes on a vulnerable machine. The threat starts with a spammed malicious .DOC file detected as XML_DLOADR.A. This file has a very limited distribution script, suggesting it may be a targeted attack. It contains an ActiveX object that automatically accesses a site rigged with a malicious HTML detected by the Trend Micro Smart Protection Network as HTML_DLOADER.AS. HTML_DLOADER.AS exploits the CVE-2009-0075 vulnerability, which is already addressed by the MS09-002 security patch released last week. On an unpatched system though, successful exploitation by HTML_DLOADER.AS downloads a backdoor detected as BKDR_AGENT.XZMS. This backdoor further installs a .DLL file that has information stealing capabilities. It sends its stolen information to another URL via port 443.

If you are current on your patches, you are fine. If not...well, you know the drill.

Analysis by Trend Micro researchers reveal that BKDR_AGENT.XZMS takes screenshots of the infected system and sends these screenshots to a remote malicious location. It also creates a hidden Internet Explorer window which connects to a website to listen for commands.







« Best Selling PC Games · New Exploit Targets IE7 Bug · Intel goes after the money, sues NVIDIA »


Guru3D.com © 2023