By Pia Heikkila, 3 January 2002 16:50
NEWS Security pundits have warned UK businesses of a malicious virus, which diverts users to porn sites. JS-Seeker-E is a script written to exploit a well-known Microsoft vulnerability. It works by trying to trick the user into visiting a certain site that contains the JS-Seeker-E code. The script will then try to change the user's IE settings such as the start page and the search settings and will try to point the browser to pornographic websites. Graham Cluley, senior technology consultant at Sophos anti-virus, said: "The Microsoft VM ActiveX vulnerability isn't new, it was first seen in October 2000. We've been recommending customers patch against it for over a year. The JS-Seeker-E exploits this well-known hole." "You catch JS-Seeker by visiting a deliberately infected website with an unpatched browser. It cannot travel by its own accord via email, nor can it affect websites itself," Cluely added. The virus itself is not dangerous added Sophos. It just redirects the users' Internet Explorer browser to a website of the attacker's choosing. Cluley said: "Of course, it is still a dangerous vulnerability as it allows remote users to perform actions on your computer without your permission if you have not patched your browser," he said.
In order to post a comment you need to be registered and logged in.
Log in or create your silicon.com account below