Hi, Has anyone looked into this new Xupiter toolbar to see how it is being installed on people's computer? In particular is it using some IE security hole for the install or does it just use the standard ActiveX drive-by download mechanism?
Here's more info about Xupiter from Slashdot: World's Most Annoying IE Toolbar Posted by michael on Thursday January 30, @09:02AM from the someone-will-surpass-it-soon dept. nautical9 writes "Following the same devious footsteps of the infamous Bonzi Buddy, Gator, and Comet Cursor "enhancements", Xupiter now has their own self-installing toolbar for IE. There are many claims that if you leave your security preferences at their default level, it will install itself without your express permission. And once on your system, it's gracious enough to reset your homepage to xupiter.com, forward all your searches to their search engine, download and automatically launch applications (like gambling applets), and blocks all attempts to set these back to normal. Removing it isn't trivial either - it automatically checks for updates upon reboot, where it constantly changes the registry settings it uses, making the jobs of spyware removal programs like AdAware or Spybot Search & Destroy much harder. No word yet if it collects and forwards personal data." http://slashdot.org/articles/03/01/30/1314236.shtml?tid=113 Richard M. Smith http://www.ComputerBytesMan.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
