Re: js.seeker and browser 'screw up'
From: Andrew Clover (and-google_at_doxdesk.com)
Date: 04/30/03
- Previous message: Jim Watt: "Re: My Security and Hacking Book Progress"
- In reply to: Mat: "js.seeker and browser 'screw up'"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 30 Apr 2003 02:57:32 -0700
Mat <buffaloesinc@hotmail.com> wrote:
> The other day while using IE my AV told me it had repaired a
> JS.Seeker infection.
Bad luck. This is an exploit for a security bug in the MS Java VM and
its interaction with ActiveX. To close this hole, download VM version
3810 from Windows Update. Or, if you are using Windows 2000, you can
get a patch directly from:
http://www.microsoft.com/downloads/details.aspx?FamilyID=dd870eac-69ef-4287-9a07-6c740f162644
Alternatively you could simply turn Java off completely, or use the
Sun VM:
Pretty much any exploit for this bug may be detected by an AV as
JS.Seeker, or JS.Exception, or JS.Exploit, or a few other different
names in different packages. However, they only detect the exploit,
*not* anything that exploit does, like installing adware toolbars.
The particular nameless toolbar you have ended up with is called
TinyBar. It is detected by some but not all AV tools, as
'TRAFFICHBAR'.
You can find out more about what it is, where it comes from, and how
you get rid of it here:
http://www.doxdesk.com/parasite/TinyBar.html
> I'm sure my browser has slowed also.
Yes, if you have a variant that gets its toolbar HTML page from an
external server, this will slow down IE startup. It can also open
pop-up ads.
-- Andrew Clover mailto:and@doxdesk.com http://www.doxdesk.com/
- Previous message: Jim Watt: "Re: My Security and Hacking Book Progress"
- In reply to: Mat: "js.seeker and browser 'screw up'"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
