Internet Explorer Exploit Of The Day

There’s yet another killer Internet Explorer bug out there, which is manifesting itself in the form of a new trojan, Phel.A. This one only affects Windows PCs updated with SP2 (the supposedly ‘safe’ people) and works by confusing the ‘trusted’ and ‘untrusted’ zones.

I always find reports like this interesting, so I’ve written an exploit of my own. If you’re still using Microsoft Internet Explorer, and you’d like to see why you shouldn’t be:

  1. Click here to look at a web page I’ve set up [update: link long-dead]. It looks kinda boring, I know, but – if you’re using Internet Explorer, it will slyly put a tiny application in your Startup group.
  2. Next time you log into Windows, the tiny application will download and install a bigger application.
  3. Next time after this that you log into Windows, the bigger application will run, and tell you why you shouldn’t be using Internet Explorer.

The information on how to use this exploit is easily available on the web. Before long, we’ll be seeing another wave of web sites that can install software on ant Internet Explorer users’ computer.

If you’re still using Internet Explorer, take a look at BrowseHappy.

4 replies to Internet Explorer Exploit Of The Day

  1. Well, I have to admit I’m impressed.

    I tried to open this page in Opera to have a gander at the malicious code, but no matter what I did, I couldn’t so much as download it without Norton Antivirus
    ‘ “Bloodhound” (for those that don’t use it, this is the part of the program which detects as-yet-undiscovered viruses by noting suspicious behaviour) deleting the file and giving me a warning.

    Jolly well done Synmantec!

  2. I’m sure you could turn it off if you wanted to look at the code – it’s completely harmless to everything except Internet Explorer on Windows XP SP2 (and perhaps Windows 2003; not tested). Or, I’m more than happy to show you the code and explain it to you any time you like.

  3. Would you mind if I borrowed this? Incidentally, what’s the purpose of the PCHealth reference? Is this a file present on XP, or simply hangover from an earlier demo?

Leave a Reply

Your e-mail address will not be published. Required fields are marked *