An attacker could trick a user of Microsoft Corp.’s Internet Explorer (IE) Web browser into downloading and running a malicious program by disguising it as an innocent file, a Finnish security company has warned.

The file name as it appears in the IE file download dialog box can be faked by using certain URLs and HTTP headers on a Web page, making the user think he is opening a media file when in fact he is installing a “back door” on his PC, according to Oy Online Solutions Ltd. IE won’t show the warnings it typically displays when a program file is downloaded or opened, because the .exe file extension may have been hidden or replaced with another such as .txt or .htm. The file is run without any warnings because IE, just as the user, thinks it is a harmless file, Oy Online Solutions said. Details of the vulnerability were first released on the Bugtraq mailing list in late November. Microsoft at the time did not consider it a flaw, but will now release a patch.

Gokar worm spreads by e-mail, Web, chat

A new worm called “Gokar” recently began to spread across the Internet via e-mail, the chat program mIRC and the Web, according to a trio of antivirus firms.

The worm is not destructive and has not yet infected many systems, but as with any mass-mailer worm, could become a nuisance as unsuspecting users spread it. Like other mass-mailing worms such as Anna Kournikova or Badtrans, Gokar spreads through Microsoft Corp.’s Outlook and Outlook Express e-mail clients when a user clicks on an attachment sent with the infected message, according to antivirus firms Symantec Corp., F-Secure Corp. and Trend Micro Inc. Infected e-mail arrives in user inboxes with dozens of combinations of different subject lines, body messages and filenames, though each attachment will end with the .PIF, .SCR, .EXE., .COM or .BAT extensions, the companies said. When the attachment is double-clicked, the worm installs a file called Karen.exe on the infected system and mails itself to all addresses listed in the computer’s address book.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now