“Amid reports that malicious hackers are using the anti-piracy mechanism to infect computers with spyware, adware, dialers and computer viruses, Microsoft officials stressed that the latest attack scenario does not exploit a vulnerability in the software.
"Not every problem comes with an automatic technology solution. In this case, the priority is to educate users and get them to understand the importance of not downloading files from untrusted sources," said Mike Coleman, lead product manager with Microsoft's Windows division.
"If strangers are trying to entice you to open a file, chances are they're setting you up for a bad experience. We need to continue our work on getting people to understand what's going on and get them to develop better download habits," Coleman told eWEEK.com.
Security experts warn that crackers are rigging .wmv files to use the DRM (digital rights management) features of Windows Media Player to browse sites infested with malware.
The WMP software includes an option to "acquire licenses automatically for protected content." When a user tries to play a DRM-protected file, the software triggers an Internet Explorer browser session and walks the user through the installation process.
Ben Edelman, a Harvard University student who tracks the spyware scourge, has published a demonstration of the exploits and warned that users with older versions of Windows will receive "confusing and misleading messages" regarding the DRM licenses.
After attempting to download the DRM license, Edelman said his test computer became infected with 58 folders, 786 files and a whopping 11,915 registry entries. "Not one of these programs had showed me any license agreement, nor had I consented to their installation on my computer," he said.
Tom Liston, a researcher who tracks malicious Internet activity for the SANS Internet Storm Center, said the attack scenario puts users at risk even if they use an alternative browser. "You're only as safe as the version of IE installed on your system."
Panda Software said the rigged video files are being distributed on peer-to-peer networks to dump two Trojans—Trj/WmvDownloader.A and Trj/WmvDownloader.B—on PCs.
Microsoft's Coleman said the company takes all security risks seriously and urged Windows users to take advantage of the protections built into Windows XP Service Pack 2.…”
http://www.eweek.com/article2/0,1759,1751248,00.asp?kc=EWRSS03129TX1K0000610v
Posts
No comments:
Post a Comment