Symantec: Phel Trojan horse attacks on Windows XP
It can affect systems, even if the latest XP service pack has been installed
Computerworld - Security firm Symantec Corp. is warning users of a newly discovered Trojan horse named Phel -- an anagram of the word help -- that attacks Windows XP. The Trojan is capable of remotely controlling a user's system even if the latest Windows XP Service Pack, SP2, has been installed.
The Trojan horse, distributed as an HTML file, attempts to exploit a vulnerability in Internet Explorer's HTML Help Control component in all versions of Windows. The vulnerability was discovered in October.
Microsoft is actively investigating new public reports of a criminal attack, according to a Microsoft spokesperson.
For the exploit to succeed, an attacker would need to entice a user to visit a malicious Web site and then would have to place the Trojan horse on the user's machine. If the Trojan executes successfully, potentially malicious software could be downloaded and run on the user's system, the spokesperson said.
Microsoft is working to forensically analyze the malicious code in Phel and will work with law enforcement agencies to identify and bring to justice those responsible for the malicious activity, he said.
"Microsoft is taking this vulnerability very seriously, and an update to correct the vulnerability is currently in development," the spokesperson said in an e-mail message. "We will release the security update when the development and testing process is complete, and the update is found to effectively correct the vulnerability."
Microsoft said customers in North America who think they may have been affected can receive help with security update issues or viruses at no charge by calling Product Support Services at 866-727-2338. International customers can receive the same level of support online at http://support.microsoft.com.
Customers in the U.S. who believe they have been attacked should contact their local FBI office or post their complaint online at www.ifccfbi.gov. Customers outside the U.S. should contact the national law enforcement agency in their country, the spokesperson said.
Read more about Malware and Vulnerabilities in Computerworld's Malware and Vulnerabilities Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The Threat Landscape Hardly a day goes by without the discovery of a new cyberthreat somewhere in the world! But how do you keep up with...
- Security for Virtualization In the rush to implement virtualization, security has become second. So while the business benefits are clear, the risks are less well documented...
- Pay-as-you-Grow Data Protection: IBM Tivoli's Full-featured Data Protection Suite for Small to Medium Businesses IBM Tivoli Storage Manager Suite for Unified Recovery gives small and medium businesses the opportunity to start out with only the individual solutions...
- Streamline Data Protection with IBM Tivoli Storage Manager Operations Center IBM Tivoli Storage Manager (TSM) has been an industry-standard data protection solution for two decades. But, where most competitors focus exclusively on Backup...
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,... All Malware and Vulnerabilities White Papers | Webcasts