Tomalak’s Realm links to InfoWorld: Experts agree on method, not scope of IIS attacks.
“We don’t have significant reports of Web sites compromised or of
people sending us examples of the new Trojans,” he said. “I’d rate this
a low risk if you’re patched and a medium risk if you’re not.” Still,
other security companies reported widespread infections.
Three exploits took place at once: the IIS 5.0 servers had an SSL flaw
(patched in MS04-011) that allowed them to be infected. The Windows PCs
had two flaws: an MHTML handling problem in Outlook Express and IE
(also patched, in MS04-013) and a cross-site scripting exploit
identified last week that remains unpatched.
If you must use IE (for example, I can’t get to the Microsoft KnowledgeBase without it), make sure to do the following:
- Set your IE security level to high (Tools, Options, Security:
Select ‘High’ from the drop-down and then ‘Reset’ – you’ll want to note
your previous settings and record them somewhere in case you’re having
problems browsing), and
- Make sure your virus scanners up to date. Even though I had
upgraded to NAV 2004 on Friday and updated to the most recent files
then, I download two updates this morning (Sunday) with 1.2Mb+ of new
stuff in them.