ZDNet UK


Skip to Main Content

  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Jobs
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


Desktop platforms Toolkit in association with http://ad.doubleclick.net/clk;205413468;14699245;m?http://adfarm.mediaplex.com/ad/ck/2397-58840-22058-14

Windows XP flaw opens door to Trojan attack

Published: 30 Dec 2004 09:50 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Online miscreants have released a Trojan horse that can infect computers running Microsoft's Windows XP, installing programs to remotely control a victim's system.

Symantec warned in an advisory this week that the program -- dubbed "Phel", an anagram of "Help" -- infects visitors to a maliciously created Web site through Internet Explorer's Help controls. A bug in the malicious program may prevent it from infecting some computers, the security company said.

The Symantec advisory can be found on the company's Web site.

The Trojan horse exploits a vulnerability, found in October, in how Internet Explorer and Windows XP Service Pack 2 handle help files called from Web pages.

The flaw is unrelated to the recent help-file flaws outed by a Chinese security company last week. In that instance, Microsoft took the Chinese security group to task for disclosing the vulnerability without giving the company a chance to develop a way to fix the problem.

A company spokesperson said: "Microsoft is working to forensically analyse the malicious code in Phel and will work with law enforcement to identify and bring to justice those responsible for this malicious activity."

A patch is not yet available from Microsoft for the October flaw, nor the most recent flaws, but the software giant said its programmers are working on the issue.

"Microsoft is taking this vulnerability very seriously, and an update to correct the vulnerability is currently in development," the spokesperson said. "We will release the security update when the development and testing process is complete, and the update is found to effectively correct the vulnerability."

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with Konica

Did you find this article useful?
52 out of 117 people found this useful


In association with Intel

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Desktop platforms



Related Jobs

Dutch Premier Platform Desktop

SAP Batch Support Analyst

Service Engineer - North East

Microsoft Futures

Windows 7: Mixed reviews from PDC attendees

As developers received their copies of Windows 7 on Tuesday, they offered varied reactions to the Microsoft operating system update More

Microsoft floats clouds on Windows Azure

At the Professional Developers Conference, Microsoft announced the Azure Services Platform, the company's cloud-computing platform More

Ozzie: Success of Azure comes down to trust

In an interview, Ray Ozzie says businesses will be taking a risk by placing core operations in Microsoft's datacentre, but that the software giant has more to lose if things go bad More

Desktop Management Benchmarking

Test Your Desktop Management Systems

How good are your company's desktop management solutions? How do they compare with those of your peers?

Take two minutes to complete our new Desktop Management and Energy Consumption benchmark, and find out what issues your business needs to focus on.