[an error occurred while processing this directive]
BBC News
watch One-Minute World News
Last Updated: Monday, 28 June, 2004, 16:21 GMT 17:21 UK
Internet browser breach defused
Bill Gates, AP
Gates: Users need to update more often
The Russian web server at the centre of a serious net security problem has been shut down.

When visited by unwitting web users the server exploited loopholes in Microsoft's Internet Explorer and opened a backdoor into compromised PCs.

When first discovered, the security problem prompted experts to tell people to avoid using Internet Explorer.

The problem was judged serious because many trusted websites were innocently sending people to the suspect server.

Security scare

When visited, the Russian computer was sending computer code that could give malicious attackers complete control over a compromised machine.

So far Microsoft has not produced a patch for the loophole that this code sneaks through.

The loophole being exploited was first found two weeks ago.

Microsoft has urged users to update their browsers, raise security settings to high and disable Javascript. It adds that making these changes could mean some websites do not display as expected.

Network cables, BBC
The extent of the web browser breach is still being determined
The software giant has also posted advice to help people find out if they have fallen victim to the bug which Microsoft has dubbed Download.ject. Others are calling it the Scob trojan.

Analysis by security firm Lurhq reports that the downloaded code is a variant of the Berbew/Webber/Padodor trojan.

Speaking during a trip to Australia Microsoft Chairman Bill Gates said: "The thing we have to do is not only get these patches done very quickly..., we also have to convince people to turn on auto-update."

He added: "We will guarantee that the average time to fix will continue to come down."

Warnings about the problems caused by the Internet Explorer and server combination were first released by the US Computer Emergency Response Team and the Internet Storm Center.

It is not yet known how many websites and PCs have fallen victim to the combined attack.

However, the sting in the tail of this security problem now seems to have been removed as the server at the centre of it is shut off.

Soon after the problem became known late last week, many net service firms started blocking the web address of the Russian server.

The popular websites that were unwittingly contributing to the problem by directing people to this Russian server appear to be some of the few that have not closed vulnerabilities exploited by the Sasser worm.

According to Lurhq the code that Internet Explorer downloads is designed to steal login information for Ebay, Paypal, Earthlink, Juno and Yahoo accounts.


SEE ALSO:
Web browser flaw prompts warning
26 Jun 04  |  Technology
Viruses get caught in the herd
14 May 04  |  Technology
Why people write computer viruses
23 Aug 03  |  Technology
Web worm tests network security
10 May 04  |  Technology
Windows XP security gets tighter
31 Mar 04  |  Technology
Patent could force web change
15 Sep 03  |  Technology


RELATED INTERNET LINKS:
The BBC is not responsible for the content of external internet sites


PRODUCTS AND SERVICES

News Front Page | Africa | Americas | Asia-Pacific | Europe | Middle East | South Asia
UK | Business | Entertainment | Science/Nature | Technology | Health
Have Your Say | In Pictures | Week at a Glance | Country Profiles | In Depth | Programmes
Americas Africa Europe Middle East South Asia Asia Pacific