Internet Explorer Virus?

[paul253]

I was listening to some talk radio yesterday...i know i know talk radio, but this was a non political show. The very first thing the host mentioned was some terrible virus thats going around on Internet Explorer and the first thing he recommended to do was download another browser. The problem is, thats the only source I've heard anything about it from, and i know sometimes talk radio will play replays of shows from a while back. Did anyone else hear anything about a virus on Internet Explorer?

[RyDogg66]

Was it Clark Howard on WTMJ in the afternoon? I was channel surfing while driving around and caught him talking about Firefox and Chrome and how his assitant or program director or whomever ONLY ever uses IE but that now she was being "forced" to switch....

[giffted1]

Yeah, I've heard about it too. Just another reason to use Firefox.

 

Here's the story.

[paul253]

RyDogg it was Clarke Howard. And I heard the same part that you did. I used to use Firefox but when i got a new computer not that long ago i used IE again, but i didnt want to take any chances so I've been using Firefox since yesterday.

[1992casey]

It's huge. Do the update now, even if you try to stay away from Internet Explorer.

 

Additionally, Yuku's been having problems with porn and malware in its ads. It's possible that these issues could be related to that vulnerability. Visiting Brewerfan and LambeauLeap shouldn't be an issue because they're both free of Yuku ads, but non-Yuku Supporters viewing Yuku profiles via Internet Explorer could be at risk.

[paul253]

http://tech.yahoo.com/blo...tch-is-out-how-to-get-it/

 

Call me cynical but this patch that microsoft issued is legit right? Its not some trick thats going to do damage?

[zurch1818]

My computer just found the patch directly from Microsoft with Windows Update. I would do it this way just to be safe. That patch looks legitimate though.

[B2k1121]

Could I have this virus?

 

I never use IE, only Firefox, but just two days ago I started getting all sorts of pop ups, and they are still happening. I've never had problems with pop ups until now, and every once in a while I get a pop up that I know is not legit that says something attacked my computer and I need to install someone to fix it, then it shows a bar like something is downloading. I know it's not real because it's in a browser, and a lot of words are misspelled.

 

Also my computer has been running a lot slower since then, like right now, as I'm typing this a new window popped up and a video started playing about new tech items...completely random.

[1992casey]

I've never had problems with pop ups until now, and every once in a while I get a pop up that I know is not legit that says something attacked my computer and I need to install someone to fix it, then it shows a bar like something is downloading.

 

You very likely have spyware or a virus. However, to fix things, don't do what the popup says. Fake virus and spyware scans are part of the scheme to give you more malware.

 

I'd update all the malware tools you have and scan with those. If that isn't good enough, check into other legitimate options. Coming here is as good as good a choice as any.

 

You might also have some luck by trying to do a System Restore. If you have a recent restore point from just before the issues arose, that might help. It wouldn't remove the malware, but it could possibly disable it.

 

The Microsoft update is legit. The problem is that people are scared of them because many Microsoft updates cause issues due to sloppy design or whatever. When an update is labeled "emergency" and is issued out of schedule, I think you have to go ahead and do it.

 

By the way, this issue can also cause malware to be sucked in by Outlook and Outlook Express.

[mothershipconnection]

i know i know talk radio

 

You get a pass, Clarke Howard is darn near the only talk radio worth listening to. If for no other reason, it's funny to listen to him explain just how incredibly cheap he is and get out of his mind excited about saving 6 bucks.

[temke]

i know i know talk radio

 

You get a pass, Clarke Howard is darn near the only talk radio worth listening to. If for no other reason, it's funny to listen to him explain just how incredibly cheap he is and get out of his mind excited about saving 6 bucks.

clark howard is fantastic. wish we would get more than an hour of his show.

[cwolf2012]

"Also my computer has been running a lot slower since then, like right now, as I'm typing this a new window popped up and a video started playing about new tech items...completely random."

 

---------------

 

Download "Malwarebytes Anti-Malware" (google it) and give that a scan. It tends to find a lot of issues and clear them out real quick. After that, I would maybe run Spybot or Adaware just to be safe.

[Chio151]

Coming from someone who works everyday in internet security:

 

Stick to Opera or Firefox: http://news.zdnet.co.uk/s...000000189,39578379,00.htm

 

In fact, add Stealther to Firefox.

 

Download Avast or AVG.

 

Pay attention to URLs.

 

Your bank will never ask for personal information by email.

 

Never click on links from emails.

 

When a popup says you have spyware, click on it and you will get spyware.

 

That's it for now.

[hawing]

It's at times like this when I get extra irritated that our timekeeping system at work functions only in IE.

[1992casey]

Download "Malwarebytes Anti-Malware"

 

I've heard this is very good, but I think you have to pay for this. Is there a free version?

 

Thanks for the signature material, Chio151. http://forum.brewerfan.net/images/smilies/smile.gif

[cwolf2012]

Download "Malwarebytes Anti-Malware"

 

I've heard this is very good, but I think you have to pay for this. Is there a free version?

 

Thanks for the signature material, Chio151. http://forum.brewerfan.net/images/smilies/smile.gif

Nope, it's free. Here's the link.

 

It's at times like this when I get extra irritated that our timekeeping system at work functions only in IE.

Anything that's hosted on an internal server should be fine because of your company's firewall. It's external web servers that can be affected.

[PeaveyFury]

Anything that's hosted on an internal server should be fine because of your company's firewall. It's external web servers that can be affected.

 

I understood the first sentence, but don't understand the 2nd?

[cwolf2012]

Here's the idea of how it works: There's usually 2-3 tiers of data in a security setup for a company. 1st tier is your sensitive data storage. This usually has its own firewall seperating it from the next tier because if a hacker had access to that data, he could cause a LOT of damage with that.

 

The 2nd tier holds mostly anything hosted internally that should only be accessible to people who are directly in the building and have authenticated to the network. Exchange servers, file servers, ocs, workstations, etc are usually in this area. For example, the site that Hawing uses to log hours is most likely in this area. This has a seperate firewall that is between it and the final tier, which is usually referred to as the DMZ.

 

In the DMZ you keep stuff that is accessible to external clients such as web servers (what you connect to when you go to a website), VPN servers, and anything else you want people to be able to connect to. Finally, there's another firewall between the DMZ and the internet itself.

 

If the web server is infected, then anyone who connects to it using IE could have the virus execute malicious code on their computers, which could cause any number of problems from deleting important files to anything else.

 

EDIT: If anyone with more security expertise than myself would like to elaborate, clarify, or correct my description, please do. I'm only about 6 months into IT work, so I'm still working on my initial security certifications. IT security is the field I'd like to go into eventually, so any corrections would be appreciated.

[1992casey]

Thanks for the link, cwolf2012. It looks like real time protection is disabled in the free version but that you're able to use it for scans and cleanup.

 

Here's the link to the security bulletin for this issue:

 

Microsoft Security Bulletin MS08-078 - Critical Security Update for Internet Explorer (960714)

[Chio151]

Good description cwolf. The separation of different types of information into different DMZs is very critical from an enterprise standpoint. I always explain it like walls of a castle.

 

This particular bug though, as I understand it, was not infecting web servers. It was purposefully dropped onto web servers to harvest data from IE users stored password data. So, the concern was more towards a users local machine. The hackers had initially used it to obtain game passwords, but there was nothing stopping them from going farther.

 

Now, keep in mind that this would only be useful for simple one-factor authentication -- if both your username and password are stored together on a single page. All banking applications were forced to move onto a multi-factor authentication over a year ago. So, if your computer is not registered, then it should ask you for a piece of personal information as well, that a hacker would not have the ability to obtain (unless they were trying to selectively social engineer you (See Palin, Sarah email)). Additionally, with some simple measures on a webpage, you can alter the form field names to disallow the saving of passwords. This is something all sites should do. In fact, I think browsers should simply disallow the saving of any passwords, period. If you want a simplified password management, then use something with a thumbprint scanner or the like.

[B2k1121]

Download "Malwarebytes Anti-Malware" (google it) and give that a scan. It tends to find a lot of issues and clear them out real quick. After that, I would maybe run Spybot or Adaware just to be safe.

Thanks a ton, that seems to be working. I never would have found that on my own.

[cwolf2012]

Glad to be of service.