Site porno é ninho de vírus

RavenMaster

Power Member
"Fotos eróticas? O worm Bofra.A, que circula desde ontem na internet, garante que se você clicar num link que ele envia por e-mail, com linhas de assunto como “Ola, fotos engraçadas :)”, poderá ver uma pá delas."

link
 
o Bofra.A explora uma falha no modo em que o Internet Explorer trata as tags “frame”e “iframe”, usadas em documentos HTML. Considerado como crítico, o bug pode colocar em risco também o Outlook e Outlook Express.

Acho que está tudo dito. :D
 
Fica aqui o link para a vulnerabilidade e o que podem fazer para resolver o problema:

http://www.kb.cert.org/vuls/id/842160

III. Solution
There is no complete solution to this problem.

Install Windows XP Service Pack 2 (SP2)


Microsoft Windows XP SP2 does not appear to be affected by this vulnerability.

Disable Active scripting

Disabling Active scripting makes it somwehat more difficult for an attacker to prepare the heap to easily execute arbitrary code. At a minimum, disable Active scripting in the Internet zone and the zone used by Outlook, Outlook Express, or any other software that uses the WebBrowser ActiveX control. Instructions for disabling Active scripting can be found in the Malicious Web Scripts FAQ. Note that an attacker could prepare the heap using other techinques, so disabling Active scripting only provides defense against attacks that use Active scripting.

Do not follow unsolicited links

Do not click on unsolicited URLs received in email, instant messages, web forums, or internet relay chat (IRC) channels.

Render email in plain text

Configure email client software (mail user agent [MUA]) to render email messages in plain text. Instructions to configure Outlook 2002, Outlook 2003, and Outlook Express 6 are available in Microsoft Knowledge Base Articles 307594, 831607, and 291387, respectively.

Maintain updated antivirus software

Antivirus software with updated virus definitions may identify and prevent some exploit attempts. Variations of exploits or attack vectors may not be detected. Do not rely on antivirus software to defend against this vulnerability.
 
Back
Topo