A new wave of

By Michael Myser  |  Posted 2005-03-15 Print this article Print

infections on the way"> According Christopher Boyd, the Vitalsecurity.org researcher, versions of alternative browsers including Firefox, Mozilla, Netscape and Avant all allow the execution of code within IE. "Theres definitely a new wave of infection triggers on the way," Boyd told eWeek.com. "Realizing that people are turning away from IE, theyve [virus writers] now latched onto the idea of using non-browser specific platforms to nail the PC."
Boyds bigger concern, however, is the application writers use of Java as a gateway to execute the code.
Read more here about Firefoxs major security update to fix several known cross-site scripting and domain-spoofing vulnerabilities. By employing JRE, the installer appears as a Java applet rather than an Active X component, which is inherent to IE alone, and downloads a native executable binary (PE file). That PE file then installs the offending adware and spyware applications. "In this way, if the browser being used can recognize and install the applet, then it doesnt seem to matter what browser youre using, or how tight your IE security is," Boyd wrote on the site. He also noted that deleting the newly created file will not remove the new adware, it will only remove the installer. Boyd told eWEEK.com that rather than giving the end user the ability to decide whether to download the infected applet, Java should automatically lock down potentially malicious code. Sun and Mozilla developers are currently working jointly to secure the browser and JREs ability to execute the code. Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.


Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel