New generation of IE malware now circulating

Hackers have released new, more efficient malware that exploits an unpatched vulnerability in Internet Explorer.

Hackers have posted a new version of malicious software that will make it easier for them to exploit an unpatched vulnerability in Microsoft's Internet Explorer (IE) browser. Based on a critical bug disclosed on March 22, the software was posted by hackers Friday to the Milw0rm.com Web site.

The code exploits a flaw in the way IE processes Web pages using the createTextRange() method. Hackers have been using malware that takes advantage of this vulnerability to install unauthorized software on victims' computers over the past week, but this new generation is considered to be more dangerous, according to security researchers.

Older versions of the malware could freeze victims' browsers for more than a minute, giving them an opportunity to shut down their computers or stop the malicious software before it could complete its work. But the new software works more quickly, meaning it will be particularly effective on older machines with limited memory and processing capabilities, said Craig Schmugar, researcher with McAfee Avert Labs.

Though hackers had not widely adopted the new software as of Friday morning, Schmugar said he expected that to change. "It's still pretty early," he said. "I think it's reasonable to expect that people will shift."

The software also uses new techniques to avoid certain types of signatures used by antivirus vendors, said Aviv Raff, a security researcher based in Israel. "It's much more effective," he said. "I think people should know and understand that ... now they are more vulnerable."

The fact that the code was released just before the weekend is also worrisome, because it means that "administrators have to wait for Monday to apply their protections and to give warning to users," said Juha-Matti Laurio, a security researcher in Helsinki.

With a fix for the problem expected as late as April 11, the date of Microsoft's next scheduled security update, security companies Determina and eEye Digital Security issued unsupported patches for the problem. According to eEye, there have been more than 70,000 downloads of its software since its Monday release.

Microsoft does not recommend that users install these patches. Instead, it recommends that users disable IE's Active Scripting feature as a work-around. http://www.microsoft.com/technet/security/advisory/917077.mspx

Despite the severity of the TextRange() bug, McAfee says that the malware that takes advantage of it is not particularly widespread. This software at present ranks number 13 in McAfee's list of the top 20 pieces of malware being reported, Schmugar said.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Robert McMillan

IDG News Service
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Jack Jeffries

MSI GS75

As the Maserati or BMW of laptops, it would fit perfectly in the hands of a professional needing firepower under the hood, sophistication and class on the surface, and gaming prowess (sports mode if you will) in between.

Taylor Carr

MSI PS63

The MSI PS63 is an amazing laptop and I would definitely consider buying one in the future.

Christopher Low

Brother RJ-4230B

This small mobile printer is exactly what I need for invoicing and other jobs such as sending fellow tradesman details or step-by-step instructions that I can easily print off from my phone or the Web.

Aysha Strobbe

Microsoft Office 365/HP Spectre x360

Microsoft Office continues to make a student’s life that little bit easier by offering reliable, easy to use, time-saving functionality, while continuing to develop new features that further enhance what is already a formidable collection of applications

Michael Hargreaves

Microsoft Office 365/Dell XPS 15 2-in-1

I’d recommend a Dell XPS 15 2-in-1 and the new Windows 10 to anyone who needs to get serious work done (before you kick back on your couch with your favourite Netflix show.)

Maryellen Rose George

Brother PT-P750W

It’s useful for office tasks as well as pragmatic labelling of equipment and storage – just don’t get too excited and label everything in sight!

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?