The Russian web server at the centre of a serious net security problem
has been shut down. 

From the BBC:

When visited by unwitting web users the server exploited loopholes in
Microsoft's Internet Explorer and opened a backdoor into compromised
PCs. 

When first discovered, the security problem prompted experts to tell
people to avoid using Internet Explorer. 

The problem was judged serious because many trusted websites were
innocently sending people to the suspect server. 

Security scare

When visited, the Russian computer was sending computer code that could
give malicious attackers complete control over a compromised machine. 

So far Microsoft has not produced a patch for the loophole that this
code sneaks through. 

The loophole being exploited was first found two weeks ago. 

Microsoft has urged users to update their browsers, raise security
settings to high and disable Javascript. It adds that making these
changes could mean some websites do not display as expected. 

 
[Image caption: The extent of the web browser breach is still being determined]

The software giant has also posted advice to help people find out if
they have fallen victim to the bug which Microsoft has dubbed
Download.ject. Others are calling it the Scob trojan. 

Analysis by security firm Lurhq reports that the downloaded code is a
variant of the Berbew/Webber/Padodor trojan. 

Speaking during a trip to Australia Microsoft Chairman Bill Gates said:
"The thing we have to do is not only get these patches done very
quickly..., we also have to convince people to turn on auto-update." 

He added: "We will guarantee that the average time to fix will continue
to come down." 

Warnings about the problems caused by the Internet Explorer and server
combination were first released by the US Computer Emergency Response
Team and the Internet Storm Center. 

It is not yet known how many websites and PCs have fallen victim to the
combined attack. 

However, the sting in the tail of this security problem now seems to
have been removed as the server at the centre of it is shut off. 

Soon after the problem became known late last week, many net service
firms started blocking the web address of the Russian server. 

The popular websites that were unwittingly contributing to the problem
by directing people to this Russian server appear to be some of the few
that have not closed vulnerabilities exploited by the Sasser worm. 

According to Lurhq the code that Internet Explorer downloads is designed
to steal login information for Ebay, Paypal, Earthlink, Juno and Yahoo
accounts. 
