Announcement

Collapse
No announcement yet.

Virus Profile: Exploit-MS06-014

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Virus Profile: Exploit-MS06-014

    As soon as I visited Officer.com this evening, McAfee alerted me that my program had detected and removed a virus called: Exploit-MS06-014.

    I recommend the site admin look into this ASAP.

  • #2
    Internet Explorer (MDAC) Remote Code Execution Exploit (MS06-014) an open version, for educational purposes is at http://www.milw0rm.com/exploits/2164 to show you the script, and how it behaves.

    You'll find the longer you use Microsoft's Internet explorer, the more viruses you'll get, most exploitive scripts are against IE. Best way to avoid exploits is to use Mozilla Firefox as your browser (the primary reason one uses firefox, is because they encourage users to find exploits, and give rewards for those found, and then immediately patch them), with avast anti-virus (100% free, and will actually protect your machine, without hassling you), and zone alarm's fire wall (this is the most anal firewall on the planet, vista's in born software cowers at its annoyance, but nothing will get through it); all of them are free:

    Firefox, http://www.getfirefox.com
    Avast: Google for "Avast Anti-Virus" or "Alwill Software"
    Zonealarm: Http://www.Zonealarm.com

    You're computer will be safe, and it won't cost you a dime. However for about 30 bucks on top of all that, buying yourself a hardline firewall, a "router" will protect you even more. Dial-up users need a little less to worry about since most viruses, not to mention websites are geared for high speed net users.

    On top of that I recommend partitioning your harddrives out there, so that windows has its own little spot, and you then run everything else on a different drive. That way if windows goes down all of your data is protected.

    Anyway, here's the skivvy on RCEE MS06-014.

    Its a pretty old script exploit, about a year old, most anti-viruses will stop it, if their Databases are up to date, and have the removal software for it. The exploit is essentially a key, opening your computer up allowing Internet Explorer to execute arbitrary code or crash upon exploitation. Any number of subsequent actions may be taken by the malware, what that means is once its in, it can just kill your browser but if its a malicious hacker, they could use the exploit to upload viruses, worms, or trojans to your computer. The way it gets in, is by acting like a webserver, so you go to visit blahblah.com, when in fact its the code faking this website, and upon you clicking that site, and loading it, the script executes. So unless you're running a PERL implementation (PERL is a special programming language, that needs special software, to read or write anything in it. And if the user doesn't have PERL, he cant do anything, unless he has the software, which is just HUGE!) however, the user is still vulnerable to other people running this exploit, if the user is still using Internet Explorer as his browser (again why Firefox is preferable) in fact, Internet Explorer is the ONLY web browser that is affected by this. The MS06-014 is less a virus and more of a Hackers Haligan Tool to break into your system.

    Methods for removal:
    Consult your anti-virus providers website, preferably through the safe-mode of your computers Adminstrator account.

    Microsoft offers additional removal tools, and I think they actually patched this last August, so its surprising that you even got a warning about it.

    Hope that helps to calm it down a tad
    The right man in the wrong place, can make all the difference.

    Comment


    • #3
      You know your stuff ...

      Thanks for the information, you really know your stuff.

      And as I mentioned earlier, my VPP already identified it and removed it.

      Good information all the same though.

      Comment


      • #4
        not on topic, but a recommendation when you're in the market for a computer

        Get a Mac.

        You will be happier -- trust me. I joined the dark side in August when I bought a Macbook Pro. I was probably the #1 anti-Apple PC guy.

        Amazing how things change.

        New Macs and OS X are top-notch products. They're fast, they just work, there's no BS, and if you want to run Windows you can with Bootcamp or Parallels (or both). I don't WASTE TIME on the computer anymore. It's scary that I used to enjoy wasting time fixing problems that shouldn't even be problems.

        Price isn't so much an issue anymore when you compare exactly what you get for your dollar.

        And here's the point I was getting to: while no OS is immune to viruses, at this time, you are FAR less likely to have to deal with viruses/trojan horses/etc on a Mac. Sure, it could change tomorrow with an avalanche of Apple viruses and trojans. But I don't think that's too likely.

        Two up for Macs from a former PC addict.
        Last edited by Resq14; 04-13-2007, 12:11 AM.
        sigpic
        A L L G A V E S O M E,  B U T S O M E G A V E A L L

        Comment


        • #5
          Despite the praise, and marketing efforts, Mac's are rather unstable operating systems, that are just as fickle if not more fickle than Windows Based PC's. Macs Crash, Reboot, and have software failures as much as any other computers, dare I say I know more people with Mac Problems who are proficient computer users, than novices on PC's.

          However its still so wonderful that the final echelon of digital perfection in protecting yourself is again Free like the other alternatives to protecting your computer. The last and best solution is to begin using Linux, the free operating system. A FREE OPERATING SYSTEM. Linux is amazing in the fact that there is no evil cooperation behind it, just a legion of nerds who love coding. Its like the firefox of OS' in that if there is a problem the user community is usually the first one on top of the problem. However choosing the right version of Linux is important (kinda), some are geared for proficient users, and hackers, others are geared for people who hate windows and macs.

          Personally I find the Ubuntu build the most user friendly, which is why I have two operating systems on my PC.

          Of Course you're asking "what about my Microsoft OS, based software" well there is a lovely little program called "Mini XP" the entirety of the Windows Operating System in less than 500mb's, which runs in the background of Linux. The other vital and winning point of Linux is its very gentle on Hardware, the system is designed to run on just about everything, and is not only forgiving, but less taxing and more expeditious in its delivery of service.

          The Mac v.s. PC battle will never end. But there is a way to survive the fight on either side without emptying your pockets, freeware, is the bestware.
          The right man in the wrong place, can make all the difference.

          Comment


          • #6
            Originally posted by Enikad
            Personally I find the Ubuntu build the most user friendly, which is why I have two operating systems on my PC.
            Amen, I just decided to take the plunge and run a dual-boot and I love it!

            Comment


            • #7
              I used to get this stuff all the time at a place I worked. "I think I got a virus" and I'd follow up with the "*sigh* how do you think you got it?" and they'll plead innocence and "I dunno I only go to CNN *insert other places*" and then I'd check it out.
              Fast forward to 15 minutes later.
              "So I removed the virus...if you don't want another I'd recommend you stop opening those retarded chain emails with attachments and lay off the gay porn kay?" I've yet to find the reason a person got a virus was because of a legitimate site.

              Moral of the story...if you're gonna browse porn use Firefox

              *Insert picture of naked woman covered by Firefox logo*

              ...use your imagination!

              Comment


              • #8
                Guys, Very interesting posts here. Bear with me as I am not to sharp on computers. Could you put this apple stuff in layman terms? Is apple a software or a computer? Whats the advantage. (Told you I don't know computers) Mine is a HP Pavilion a735w and I have lots of problems. My kids are always on a site called my space and it seems to cause problems. What do you recommend?
                "Laws that forbid the carrying of arms. . . disarm only those who are neither inclined nor determined to commit crimes. . . Such laws make things worse for the assaulted and better for the assailants; they serve rather to encourage than to prevent homicides, for an unarmed man may be attacked with greater confidence than an armed man." - Thomas Jefferson

                Comment


                • #9
                  Apple is a hardware brand. As In the computers, however Apple also develops software, operating systems (OSX), Itunes, and what not. If you've been on PC's for the longest time, and are not computer savvy a switch to an apple is not recommended unless you're a graphics, or digital media designer.

                  Myspace is a cesspool of malware and viruses, kids follow links and get themselves in a whole heap of trouble. Thing you're going to have to do is reformat (redo everything) your computer, and use the tips I listed for security earlier. Avast, Firefox, Zonealarm, and Ad-Aware.

                  Other thing I'd recommend is get those kids the hell off of myspace. Its really more geared for College students, and networking, kids don't need networks. If your kids have interests tell them to search the net for a Forum, that is relative to their interests, and have them congregate there. Its easier to monitor their activity, and will keep them out of the reach of sicko's, and malware.
                  The right man in the wrong place, can make all the difference.

                  Comment


                  • #10
                    Be open minded, and do your OWN homework

                    Originally posted by Enikad View Post
                    Despite the praise, and marketing efforts, Mac's are rather unstable operating systems, that are just as fickle if not more fickle than Windows Based PC's. Macs Crash, Reboot, and have software failures as much as any other computers
                    That is completely the opposite of my experience with all types of XP computers compared with MODERN Apple Macs and OS X. Do you have a modern Mac with current OS X, or are you basing this on what others tell you? OS X *IS* Unix based, just with an Apple user interface that makes it pretty and functional. One click and I'm face to face with a Unix command line for my system, if I feel the desire to control it via terminal commands.

                    Originally posted by Enikad View Post
                    If you've been on PC's for the longest time, and are not computer savvy a switch to an apple is not recommended unless you're a graphics, or digital media designer.
                    Very poor advice.

                    Apple uses the same hardware as other PC's. Apple's ARE PC's. You will find the same Intel processors in modern Macs.

                    OS X is a robust, RELIABLE environment. It just works. Newbies, novices, amateurs.... I'd recommend Macs and OS X to them all.

                    If you LOVE to tinker with system registry problems, reinstalling your operating system, spyware, loading device drivers... by all means, stay with Microsoft or tinker with the free OS's like linux, ubuntu, etc. I've used them all, too. I used to love wasting time tinkering, too. Most people don't like tinkering, and I don't like to anymore, either.

                    If you're TIRED of tinkering and dealing with problems routinely, get a Mac. I switched this past August after the Macbook Pro came out with Intel chips. One reason why I was finally willing to try OS X was that the new Macs can run XP and Vista natively, just like any other PC. I figured I'd spend a good amount of time running XP. Well, I was wrong. Aside from booting into XP/Vista to run a windows-only crash report program, I have never had the need or felt the desire to use XP/Vista anymore. And with Parallels (or comparable) virtualization, you can access your XP/Vista drive virtually from within OS X and run XP/Vista in a window (or full screen)... if you absolutely had to for some reason.

                    I'll never go back. There's absolutely no reason for me to. I've gone for months without needing to restart my computer. The "sleep" function actually works. The hardware and software integration is tight. The experience is what personal computing should be like. Any hardware I plug in just works. Networking is a breeze -- I can connect to anything with ease.

                    Just my personal, first-hand experience with MODERN Macs and CURRENT versions of OS X. Your mileage may vary,

                    God, I sound like one of those Mac fans I used to hate!
                    Last edited by Resq14; 05-13-2007, 07:58 PM.
                    sigpic
                    A L L G A V E S O M E,  B U T S O M E G A V E A L L

                    Comment


                    • #11
                      Is it possible to run firefox while already having AOL installed and open
                      ?

                      Comment


                      • #12
                        Yes, you can do that.
                        sigpic
                        A L L G A V E S O M E,  B U T S O M E G A V E A L L

                        Comment


                        • #13
                          Originally posted by Resq14 View Post
                          That is completely the opposite of my experience with all types of XP computers compared with MODERN Apple Macs and OS X. Do you have a modern Mac with current OS X, or are you basing this on what others tell you? OS X *IS* Unix based, just with an Apple user interface that makes it pretty and functional. One click and I'm face to face with a Unix command line for my system, if I feel the desire to control it via terminal commands.
                          Yep, have OSX, Windows XP, and Linux, at my disposal, so no, I'm not making up things on others accords, the most reliable system is Linux. I've done my tinkering in vista a time here and there, and Vista is a steaming pile of fail, wrapped in a bad idea, shipped in a retarded box.

                          MAC's are not the end all system, the fact is that people have developed bad habbits on PC's, Not taking the time to understand really the start of intermediate skills on the system, learning that to make windows work you essentially, don't use microsoft and norton for all your needs, and that the third party, and open source free software will keep a PC happy for a long time. I have 2 PC's running flawlessly in my home, a Mac that annoys me frequently, and a Linux partition for when the Red Army invades. Mac's for the longest time were the graphical guru's and software kings, point is with the right stuff, anything a mac can do moderately well, a PC can do epically better. I'm not doubting mac's because if I did, I wouldn't have one, its just kinda for a select group of folks, PC's have more problems simply because there are more of them, build enough of anything and soon enough people start to point out the problems.

                          Point is partner, if you take care of your system regardless of OS, it'll last. Computers are like old VW Beatles they go or they don't depending on the level of TLC.

                          10 things for the PC crowd:
                          1. The bowels of the internet are off limits
                          2. If you must have porn, find a reasonable site to get it from, if you need to click on 20 million adds to get there, you probably got some malware.
                          3. Don't install random crap
                          4. Learn what your computer is doing, press CTRL, ALT, Delete, and then tab over to processes, and take a look and whats being executed, then do a google search, if it turns out that exec.exe is malware, do a search on your drive and delete it.
                          5. Keep your punk kids out of myspace, its a testing ground for all sorts of script exploits.
                          6. Use Web Based Email, Outlook is crap, I have about 100gmail invitations folks, if you want one, which has 2gb's of storage space, just PM me with your Email. That simple, then invite other people when you get it.
                          7. Finally NEVER TRUST MICROSOFT. Never open emails from microsoft, never open anything that says "you won" or "look! boobies!" don't open attachments.
                          8. If the computer is acting weird, look into it, avoid spending cash, but look into it, google, and wiki can solve a lot of problems
                          9. Update your drivers frequently, windows updates won't always have them. If you're unsure of your hardware, check it out, sometimes you might actually have some crap RAM, or something else, had a video card crap out recently myself, overclocked.
                          10. Restarting the Stupid thing, Scanning it, Disk Clean up, Defragmenting, and the removal of anything in the Users>Local Settings>Temp folder, 70% of virus' make this folder their first home. Along with anywhere else you may download things to frequently, So display hidden items.

                          For The MAC folks:
                          1: Stop Telling People To Buy Mac's, If They Want One Like Every Other Mac Owner, They'll Get One.
                          2. Games, Business, Media Editing, Web Design, and Networking is the PC's realm of expertise now days.
                          3. 80% of the second, and third party stuff out there is geared moreover for PC's than us, so be wary of your warez
                          4. Mac's Still Have The Nicest Looking Desktops
                          5. You Can't Click And Drag, Remember It'll Remove The Other Folder
                          6. Mac's aren't for Pirates, And Everyone Loves Free Stuff.
                          7. Photoshop runs on windows too, and in fact it runs a little better, since its coding doesn't eat RAM for breakfast, lunch and dinner.
                          8. Your computers expandability is limited.
                          9. If its CTRL+"Something" on a PC its Apple+"Something" for you.
                          10. Optic Mice Fail Frequently

                          Linux Folks:
                          1-10: Hey you're not on a mac or PC, but can emulate both systems using only a portion of ram, and a tiny application, be happy, keep making viruses for them, since the source of the OS is inside those tiny emulation applications.

                          The right man in the wrong place, can make all the difference.

                          Comment

                          What's Going On

                          Collapse

                          There are currently 5043 users online. 226 members and 4817 guests.

                          Most users ever online was 19,482 at 11:44 AM on 09-29-2011.

                          Working...
                          X