Once again another MSN Messenger Virus is spreading around the Internet. This time the virus sends the following message to all your contacts, obviously I wont post it's complete target but the it's hosted at http://teh-cia.us if anyone of your contacts sends a message with that URL in it please do NOT click it. It poses as a gallery but it's not!

By the time I send this loads of people World Wide would have been infected by this MS-DOS application please don't let one of those people be you!

It is unknown to me what this file actually does but it's filename is unknown@hotmail.com I will post some more information on how to remove this malicious file when I find some articles..

All the best,

-Andy.

Gotta love Microsoft charging us a crap load of money to use products that aern't even safe. Although Msn Messenger is a free service, I'm not surprised.

Thanks for the warning

Are you kidding?
Why is it Microsoft's fault that users accept dangerous files and then run them or click on random urls? That's the fault of the person that accepts the file and them only, not the creator of the software the worm uses to spread.

The fact that simply visiting a website can infect your computer is down to IE being filled with holes. Yes, people should know by now that if you use IE (or any browser really) you shouldn't click on URLs like that, but the bottom line is that people really shouldn't have to worry about being infected simply by visiting a website in the first place.

you can get infected by just visiting a website? Damn thats hard. I always knew MS was the root of all evil. ( yet still i use it )

There have been worms in the past that have taken advantage of security vulnerabilities in MSIE; however, it appears that this one doesn't. At least according to McAfee.

http://vil.nai.com/vil/content/v_133357.htm

and no, i am not kidding

You cannot get infected by visiting a URL with internet explorer unless you don't patch (windows update). Lots of well made software has had security problems in the past.



Oops, ignore the "[Re: alkahol1k] ".

I'm aware that ie is at fault there.
From what I understand he was blaming MSN Messenger, not ie:



I was saying that it's not Microsoft's fault that certain worms use MSN Messenger to spread.

If it's a DOS worm, it's not technically M$'s fault at all. M$ just acquired DOS... it isn't really theirs.

As far as ANY browser, you can set your security preferences. If you're not using low security settings in IE, you have no problems. If you run a decent virus scanner program in the background, you have no problems. If you keep your software updated, you have no problems. It's not that difficult, but people don't do so.

No matter how secure something is, if a person (aka hacker) wants to make a virus/trojan/etc to get through it, they will. You can't really blame the software. Anything is crackable. That's why there has never been a software that has not been cracked within a very short time of release. People know what they are doing.

Now, I'm not supporting M$. I don't really care for them that much. I do use their software because it works and I like it better than the alternatives. But, I don't really support it. I just get tired of hearing people bash software when it's not really the software's fault.

Think about it like this. If Firefox were the main browser on the net, all these same virus/trojans would be written to break through that one and you'd have the same problem. It's a different program, so of course it won't be affected as much. Just like linux or macintosh... very few viruses affect them because they are different software and the viruses/trojans are not written for it. If Windows was not the most used OS, the viruses/trojans would be written for one of those instead and it would be the same situation. The hackers just take time to affect the most users... they can break any OS/software if they try, but if they don't have the userbase to make it worthwhile, they usually don't bother.

Ie has many known exploits, changing your security settings doesn't get rid of those.

Updating does get rid of most. Combine that with a decent level of security setting so it won't run unwanted code like activex and such without your knowledge. Combined yet again with a decent virus scanner that also checks for hijackers and you are basically set. Then, just run a couple trojan/hijacker scanners every so often and you have nothing to worry about. I think one has gotten through in about 4 years of using XP for me and all I use is IE.

Name some. They get patched just like the recent serious Firefox exploits.

List of patched/unpatched ie exploits.

My only point is that if you stay up to date, the chances aren't really any better on IE than on another browser. They all have exploits and vulnerabilities. To think otherwise is fooling yourself. To think the other browsers are less vulnerable is fooling yourself. Just because the hackers attack a specific browser does not mean other browsers are not as vulnerable or are more secure. If you do like I said and keep a popup blocker running (IE's or another) and don't visit porn sites -- those are where most viruses/trojans can be found -- then you really are pretty safe with IE or any browser.

I never said I think firefox or any other browser is more secure than ie, but for the time being i'd say they are (less known exploits means less chance of being exploited)

Anyway, let's not turn this into a browser war

Other browsers are more secure in that sence becuase as they are less known they are used less, and thus attacked less. So by that fact alone are more secure. But i agree with that if everything was agressively attacked your likely would find that every single one of them has holes wide enough to sale an ocean liner through.

It makes me think of how people say Unix (all varieants) is far far more secure, and i just wonder is it, or is it that MS just gets attacked alot more.

I wouldn't say far far more secure, but a combination
of being probably more secure to a small degree & MS
being more of a target for attacks.

As far as Unix/Linux... in a sense, it's more secure because if you know how to use it (including installing/changing stuff), then you know exactly what is happening in the system. Nothing is really hidden compared to Windows. It's also set up easier as far as being able to kill stuff. But, in the end, it can still be attacked just the same.

The fact that they're open source OS's means bugs will be found and fixed a lot quicker also.

Open source also means that same logic can be applied from the other end.

I guess so, but it's highly unlikely that a single person will find and exploit a bug in a fairly popular OS, there will most likely be quite a few people that find the same bug and it's unlikely that all of them will use it for trouble.

It's hardly that bad. This site has a pretty well presented case study of actual ActiveX exploits compared to user-dependent infections. And if you already clicked the link and I hadn't deleted the hyphen, you'd be in the exact same situation as any IE, FF, Moz, Opera user - facing a run box.

Malware is caused by ignorance and clicking 'yes'. I'd use IE if no one else ever touched my computer (and it had tabs, and rss bookmarks). Just the other day I found someone panicking because 'the popup won't close, and keeps opening windows!'. I go to investigate and find that they're clicking the Win98 style X box on a static banner on a webpage, opening god knows how many instances of an ad. Nevermind that the rest of Windows is skinned to look like OSX.

The exploits that aren't patched don't allow code execution e.g. virus execution.

Can't be so sure about that... I'm pretty sure that there have been worms in the past that can infect you through a security exploit when you open an e-mail message in Hotmail or Yahoo with MSIE.

Bugbear.

Are you kidding ?

I've noticed that alot of these website virus' are ran without the user being aware. In the past I've looked into one of these websites and noticed that when you visit the site it automatically runs a .vbs files as soon as the site opens and you never even see it. Once the .vbs file has run it creates a .ini file within the windows root and expands from there infecting mainly mIRC folders among other locations so to rebuild itself upon removal. This may have just been a weak mIRC/IRC trojan type infection but none-the-less it runs the same rule in my opinion. I've found if you install a simple program called Script Defender from analogx you can stop anything from running as long as the extension is listed in the program as a blocked extension.