Microsoft plans quick VML security patch -- PCTECH

By Byron Acohido, USA TODAY
SEATTLE - Microsoft (MSFT) on Monday said it plans to take the unusual step
of issuing a security patch as quickly as possible to stem a newly
discovered flaw in its Internet Explorer Web browser that cybercrooks have
already begun exploiting to take control of victims' computers.
The flaw in Explorer's Vector Markup Language (VML) coding is alarming
because hackers and cyberthieves have already begun using it to plant
malicious computer code on at least 2,000 websites, according to security
firm VeriSign iDefense. 

Simply clicking on a tainted website turns control of the victim's computer
over to the attacker. Over the weekend, cybercrooks stepped up e-mail spam
designed to lure victims into clicking on a tainted Web page, many designed
to steal account log-ons and other sensitive data.

"We know of several large-scale spamming events," says Ken Dunham, director
of the Rapid Response Teams at VeriSign iDefense.

Microsoft normally issues security patches monthly; its next batch is due
Oct. 10. But Stephen Toulouse, Microsoft's security program manager, said
work has begun on a patch that will be issued as soon as it can be fully
tested. "Quality is going to be the key driver, so customers can trust the
patch," he says.

In the meantime, computer users can protect themselves by disabling VML
coding. Instructions from Microsoft can be found at:
www.microsoft.com/technet/security/advisory/925568.mspx

Over the weekend, cybercrooks began sending out e-mail containing tainted
website links that can exploit the VML flaw in the Outlook e-mail program.
Simply opening the e-mail message activates the malicious program. It is
also possible for tainted e-mail to compromise a computer simply by
appearing in the preview window of the Outlook inbox.

Until a patch is ready, Microsoft recommends setting Outlook to read e-mail
only in plain text, and not in the HTML format that opens Web links.

The VML attacks illustrate how cybercrooks continually probe new ways to
break into computers.

"One of the big dangers here is you don't have to do much, and you may have
opened the door to letting the bad guys push malicious code onto your PC,"
says Jim Fulton, marketing vice president at browser security firm
GreenBorder. 

The VML problem is the latest in a surge of attacks focused on the
relatively unprotected Web browsers. A semi-annual Internet threat report
compiled by anti-virus giant Symantec found 38 Internet Explorer browser
flaws reported in the first six months of 2006, a 55% increase over the last
six months of 2005.

The popular Mozilla Firefox and Apple Safari browser have also become
targets; Symantec noted 47 security holes were reported in Firefox and 12 in
Safari in the first half of this year. "Browsers are drawing a great deal
more scrutiny from attackers, because we all have one," says Alfred Huger,
Symantec senior engineering director. "Browsers give attackers a massive
avenue to break into people's computers."
 

Mike Grant
Bytware, Inc.
775-851-2900 

http://www.bytware.com


CONFIDENTIALITY NOTICE:  This e-mail message and any attachment to this e-mail 
message contain information that may be privileged and confidential.  This 
e-mail and any attachments are intended solely for the use of the individual or 
entity named above (the recipient) and may not be forwarded to or shared with 
any third party.  If you are not the intended recipient and have received this 
e-mail in error, please notify us by return e-mail or by telephone at 
775-851-2900 and delete this message.  This notice is automatically appended to 
each e-mail message leaving Bytware, Inc.