PandaLabs, Panda Security’s laboratory for detecting and analyzing malware,
has detected some one hundred Web pages, mainly hosted in China, modified to
infect users by exploiting an unpatched Microsoft vulnerability.
The vulnerability lies in the Microsoft Video ActiveX control component and
mainly affects users of Internet Explorer 7 on Windows XP. Microsoft hasn’t
yet released an official patch for this vulnerability, so users could be
infected even though they have all previous security patches installed.
Microsoft has published a workaround for this flaw on its website:
In any
event, PandaLabs advises users to keep an eye out for security fixes
released by Microsoft to patch their systems against this vulnerability as
soon as possible.
Through this exploit, several malware samples can be distributed. PandaLabs
has found one sample which has been distributed this way: Lineage.LAC. A
Trojan Horse which steals information and uses rootkit techniques.
Users of Panda Security are protected against this threat thanks to
TruPrevent proactive Technologies.
“The real danger of this vulnerability lies in the fact that any user could
be infected, despite having their operating system completely up-to-date.
They just have to visit an infected Web page, even legitimate ones, to fall
victim to the infection”, explains Luis Corrons, Technical Director of
PandaLabs. “Thanks to our proactive technologies, users can surf the Web
safely, without fear of becoming infected”.
Panda Security’s laboratory is monitoring this vulnerability very closely.