Eve
11-28-2004, 03:46 AM
From The Sydney Morning Herald
Worm spreads to sites through ads
TUESDAY , 23 NOVEMBER 2004
By SAM VARGHESE
A number of sites in Europe have been reported to be carrying banner ads that are infected by the Bofra worm, the Internet Storm Centre has warned.
The British tech news site The Register was hit by a similar problem on Saturday and forced to stop serving banner ads from third party ad serving company Falk AG.
The ISC said it had received reports of websites in Sweden and the Netherlands which were hit by the same problem. "This may indicate a more wide-spread attack across Europe. One suggestion is that the advertising servers rather than the sites themselves contain the exploit, which of course means that perhaps hundreds of sites are affected," it said in an advisory.
The vulnerability being exploited was discovered on October 24. The flaw lies in the IFRAME tags of Internet Explorer 6.0 and it affects all Windows platforms except those which have installed service pack 2 for Windows XP. Microsoft is yet to issue an official patch for this flaw but a German researcher has issued his own patch for the same.
Worm spreads to sites through ads
TUESDAY , 23 NOVEMBER 2004
By SAM VARGHESE
A number of sites in Europe have been reported to be carrying banner ads that are infected by the Bofra worm, the Internet Storm Centre has warned.
The British tech news site The Register was hit by a similar problem on Saturday and forced to stop serving banner ads from third party ad serving company Falk AG.
The ISC said it had received reports of websites in Sweden and the Netherlands which were hit by the same problem. "This may indicate a more wide-spread attack across Europe. One suggestion is that the advertising servers rather than the sites themselves contain the exploit, which of course means that perhaps hundreds of sites are affected," it said in an advisory.
The vulnerability being exploited was discovered on October 24. The flaw lies in the IFRAME tags of Internet Explorer 6.0 and it affects all Windows platforms except those which have installed service pack 2 for Windows XP. Microsoft is yet to issue an official patch for this flaw but a German researcher has issued his own patch for the same.