Tuesday, 2 March 2010

IE 0 Day for Help files

Clicking 'F1' (help) in IE (Internet Explor(d)er) can lead to attacker executing arbitrary commands, successful attack can lead to compromise of the machine. Exploit should trick the user to click F1 button.
Temporary solution is to disable active scripting in IE until Microsoft provide a patch.
IE in Windows 2000, Windows XP SP2, SP3 & Windows 2003 SP2 are vulnerable. You can find more details here.

Susan Dey SEO Poisoning

Susan Dey is an American actress known for her roles in TV and films.Today malware authors are utilizing her fame to spread malware.

As you search for Susan dey on Google you can clearly see the dodgy website listed in Google web search results.


  If you think its related to Susan and click on the links , its not Susan who greets you, but its rogue antivirus malware (also known as Fake Antivirus)  which gets into your system.



So all users are advised to be careful about the dodgy websites. Click on only links you trust, as you can see in this case the compromised website redirects to a '.in' domain which seems to be 'fakeav' authors favourite at the moment.