19 December 2008

December bugs

You can hardly have missed all the news about Microsoft's Internet Explorer 7 having a pretty disastrous hole that could let sites you visit collect data.

According to The Register, an estimated one in 500 users worldwide have been exposed to the vulnerability, Microsoft estimates. The volume of attacks grew by 50 per cent from Friday until Saturday alone with little sign of a let-up. It's highly unusual for Redmond to quote such stats, and the fact it has underlines the mounting seriousness of the problem.

At first it was reckoned that only IE 7 users were affected, but further analysis suggests that versions 5.01, 6, and 8 of the browser are also vulnerable.

A patch has been released by Microsoft so do make sure you get it and install it. If you have Windows updates turned on to automatic then it should by now have been downloaded but you may still have to click a little yellow shield icon in the tray near the clock to install it. If you aren't sure, just visit Windows Update and follow the instructions.

While you're at it, download Firefox or Google Chrome and use one of them instead. You may still need Microsoft's product for some banks and other sites but the alternatives are currently safer (and quicker!)
A couple of viruses are also doing the rounds:

If you do have either, there are removal instructions available. Let me know if you need them.

W32.Tidserv

This virus copies itself to removable storage (flash drives, external USB drives etc).

A quick way to discover if your PC is infected is to search for the following file:

Windows Vista Home Premium/Vista Home Basic/XP: C:\Windows\System32\dll.dll
Windows 2000: C:\Winnt\System32\dll.dll
Windows Me/98SE: C:\Windows\System\dll.dll

W32.Randsom.A

As with the previous virus, W32.Randsom.A copies itself to removable storage.

A quick way to discover if your PC is infected is to search for the following file:

Windows Vista Home Premium/Vista Home Basic/XP/Me/98SE: C:\Windows\TEMP\errir.exe
Windows 2000: C:\WINNT\Temp\errir.exe

No comments: