Microsoft

[breezer]

.......... video ..........video............

I take it its a BLUE video then

 

[TheKLF99]

The point is that at some point you click on a video link on a website which you know is not particularly well controlled, and you get told you need to install some new software.

Alarm bells should bl**dy well ring.

This doesn't always work, it depends on how you have media player set up. If you tick the box that says automatically download and install codecs in the settings then media player will automatically download and install the virus without asking, all it will show is a little title bar at the top "Downloading new codecs... Please wait" or something like that.

The virus coder is depending on people having this tick box checked (which is checked by default by Microsoft to make it "easier" for the simple user to understand - kind of also like the "Hide extensions for known files" tick box that is automatically checked too (btw - that too can give you a virus without realising it as someone can call a file myvirus.txt.vbs, you would just see myvirus.txt and the vbs (visual basic script) extension is hidden, also the icon for a vbs file is nearly identical to a text file! The best trick I've seen by a virus is to have a file with a .com e-mail address at the end of it - having .com at the end of it turns the file into an executable file!)))

It seems the more easier Microsoft try to make Windows for people the more vulnerabilities they introduce in the process, which in turn make Windows far more harder for people to use and far more open to security threats. If I could run all my Windows programs in Linux I'd much prefer to use Linux any day, at least that asks you for the "super user" password before making any major changes, but doesn't do it in such a way as Vista's annoying "are you sure you want to do this" on every little thing (I ended up turning it off, 'cos I left Windows copying files from one hard drive to the other, came back about 2 hours later after going out thinking it would be done, only to find a stupid little box asking me if I'd asked it to copy the files! Grr...). Vista's protection system would have been good if you could have had a slider system to reduce the amount of stupid "Are you sure you want to do this" questions but as its all or nothing it's just a pain to use (and when you turn that off you also have to turn off all security alerts or else it sits there and whinges that you have it turned off, again you can't just disable that one warning it's all or nothing!)

Anyway I've just got an e-mail from PC Pro about what the vulnerability is in Internet Explorer and it turns out it's NOT the video vulnerability.

The vulnerability stems from a memory corruption error in the handling of DHTML data bindings, and allows hackers to remotely execute code when the browser crashes. Hackers have been exploiting the vulnerability for over a week, with attacks initially coming from a number of Chinese-hosted porn sites.

Qoute from PC Pro

 

[Estrella]

If I'm right I'm guessing it's something like Koobface virus. If this is the case then this one is easy to deal with. When you get a message from your friend on Facebook telling you that they've seen you on a video and to click a Facebook link to view the video, e-mail your friend back to see if they really did send that message, if not ignore it and tell your friend to check their system for the Koobface virus.

The Koobface virus works by sending you a link to the Facebook redirect cgi page which redirects you to another website outside of Facebook with a video which is encoded in a special way. It makes Media Player believe you need a new codec to watch the video, the codec is the Koobface virus, so Media Player downloads and installs the codec, installing the virus (which then goes in and sends messages out through your facebook account to all your friends and family telling them to view this video, it also installs a proxy so all internet requests go through the hackers computer, so he can block things out such as anti-virus websites/anti-virus updates, he can also take stuff such as passwords, usernames, credit card details, etc)

I was hoping you would have had something more substantial than quoting another incorrect poster.

Anyway I've just got an e-mail from PC Pro about what the vulnerability is in Internet Explorer and it turns out it's NOT the video vulnerability.

You don't say!

I take it its a BLUE video then

LOL