April 27, 2014

Running Internet Explorer?

Be careful where you surf -- there is a new exploit out there. From the Microsoft Security TechCenter:
Microsoft Security Advisory 2963983
Vulnerability in Internet Explorer Could Allow Remote Code Execution

Microsoft is aware of limited, targeted attacks that attempt to exploit a vulnerability in Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11.

The vulnerability is a remote code execution vulnerability. The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.

On completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs.
This is the classic sort of thing that those people still using XP on the net will find themselves vulnerable to. An anti-virus program will simply not prevent your system from being taken over. The classic example is when you receive an email from someone you know and there is minimal text in the content, just a URL to an unfamiliar site. Do not click on that link as it probably points to an infected site. Email the sender asking them if they sent that email and let them know that they have been infected. Here is a list of things to do that I wrote two weeks ago:
#1 - disconnect your system from the internet... NOW...
#2 - find a second system to use to download some files
#3 - get these downloads (all are free):
http://www.malwarebytes.org/mwb-download/

http://www.malwarebytes.org/antirootkit/

http://usa.kaspersky.com/downloads/TDSSKiller

http://www.sophos.com/en-us/products/free-tools/sophos-anti-rootkit.aspx
Copy them onto a memory card, a CD-ROM or something similar.
#4 - Boot into Windows Safe Mode / no networking (reboot the machine and hit [F8] as the system is restarting).
#5 - install and run the apps in the order I listed them. Some of them will ask to download the latest databases - do not do this, just go for the complete scans first.
These apps should find what has infected your system. Jot down the names and then go and Google them after this is all over -- you can learn how you got infected in the first place.
#6 - if these apps have __not__ found anything, consider reinstalling Win7 and starting over again. If there are files you want to copy before wiping the disk, use the excellent SystemRescueCD to do this -- copy your user files onto a stand-alone hard drive:
http://www.sysresccd.org/SystemRescueCd_Homepage
Burn a copy of this file onto a CD-ROM and boot your system from it -- it will run a very simple version of Linux and it has a lot of file copy functions. To get the graphical user interface when it is done booting, just type "startx" at the command prompt. The little icon at the bottom left of the screen is your start menu.
#7 - when you are done running the apps, reboot your system normally (no [F8]) and run them again. This time, let them get the updated databases.
Posted by DaveH at April 27, 2014 3:58 PM