Have you seen one of these today whilst browsing?

Network Error

Unable to request URL from host directads.mcafee.com:80: Connection refused


Now please read this:

http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=100719

I have just spent the last two days researching this thing....

It has been in the wild for over a week now!

And yes, it is primarily only an NT kernel infector. It will infect 9x, but clean up is very simple...delete the infected HOSTS file, no other registry changes are made. The aolfix is self cleaning (how nice :D).


Win 2K/XP systems do need a little more intensive cleaning....and an easy solution should be out later tonight or tomorrow.

More info on it....

Most AVs are now targetting it.

This story details it

Pop-Up Trojan Targets Unpatched Windows Bug (http://www.cbronline.com/latestnews/a7aa802c3a25406d80256db30018c17b)

So far, McAfee has the most accurate information and removal instructions.

http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=100719

My isp just let everyone know about it and how from their end there is very little they can do and suggest the same thing of making sure you avg is up to date.
mark

Well, after extensive trials and tribulations......some testing involved too, I am satisfied that the new MS patch will successfully prevent this particular form of this exploit. I am not so confident about other variations or other, new vulnerabilities developing in this same area...


MS03-040 (http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms03-040.asp&hidetoc=true)

mjc,

Is this part of the Cumulative Patch for IE 6.0 released this weekend?