Wednesday, July 14, 2004
Microsoft released a tool on Tuesday for removing a particularly pesky computer virus - but was not yet able to offer a software patch to prevent the infection from spreading.
Stephen Toulouse, a security program manager with Microsoft, could not say when the patch to thwart the virus, called "download.ject," might be completed.
The virus was discovered in late June and exploits a vulnerability in Microsoft's Internet Explorer browser.
Microsoft previously released a security update that changed settings in its Windows operating system to thwart infection from the malicious code, which is designed to steal passwords and other valuable information.
But that update did not entirely fix the flaw that enabled the spread of the virus, which converts popular Web sites into virus transmitters.
On Tuesday, Microsoft also released more tools that alter Windows settings to prevent "download.ject" from getting to desktops. Security experts have warned that the virus might mutate or seek other routes of attack.
The vulnerabilities prompted some security experts to recommend that people switch from Microsoft's vastly dominant IE browser to rivals such as Mozilla or Opera. Those calls were strongest while Microsoft left the recent vulnerability unfixed and open to exploit.
Toulouse said the attack did not appear to be widespread, since the company had not seen a big spike in customer calls about it.
Microsoft also released two other patches Tuesday that were deemed "critical," Microsoft's highest level of security warning. The patches fix vulnerabilities in Windows that could allow an attacker to take any action on a user's desktop, simply by convincing the user to click on a Web link.
By: DocMemory
Copyright © 2023 CST, Inc. All Rights Reserved
|
