Microsoft's Latest Security Updates -- The Good, the Bad, and the Ugly - Download.ject Virus
(Page 3 of 3 )
Some of you are probably wondering about the Download.ject issue. Microsoft discovered the issue in late June 2004; it affects users of IE -- but take note, users of Windows XP Service Pack 2 Release Candidate 2 (Windows XP SP2 RC2) are not affected by this security problem. For those who haven't heard about it -- Download.Ject is one of those nasty infectious programs. All you have to do to fall victim is visit a Web site hosted on a server that's infected with Download.Ject. The Web pages download a Trojan horse to the victim's computer. This Trojan horse may go by one of several names: "Backdoor: W32/Berber," "Backdoor-AXJ," "Webber," or "Padodor." Make no mistake, it's nasty; it can watch you surfing the Internet and capture your logon names and passwords, and it can even open fake dialogue boxes to try to get you to give it information such as your ATM card codes, credit card numbers, and who knows what else.
How to Find out if Your PC is Infected
Microsoft has released a cleaner tool that automatically detects if a PC user's system has been attacked by Download.ject, and gets rid of the malicious code. You can check it out at http://www.microsoft.com/downloadject. Once you get to the page, you can simply click on a button to find out if your PC is infected; I was very relieved, just a few clicks and a few seconds later, to find out that my own PC was not infected with this particular Trojan horse.
NT 4.0 Server Support Ending Soon
So this is the good (and some of the bad); what's the ugly? If you use Windows NT 4.0 Workstation, you may already know about this, and if you don't know, you need to: this is the last security release that supports that operating system. Microsoft will continue to support Windows NT 4.0 Server, but only through December. And, for those of you using pirated copies of Windows XP, this security update may not work at all. Granted, it's wrong (not to mention illegal) to pirate software. However, insecure pirated copies of software can still spread all sorts of nasty things to a variety of systems and networks. Microsoft wants us to think that it takes security seriously now. If so, it needs a better answer to give users of pirated and soon-to-be-"obsolete" software.
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |
