mmorpg.pl


Utwórz nowy wątek Odpowiedz w wątku  [ Posty: 3 ] 
Autor Wiadomość
******
Avatar użytkownika

Posty: 3592
Dołączył(a): 30.07.2005
Offline
PostNapisane: 7 kwi 2007, 16:02 
Cytuj  
Cytuj:
World of Warcraft players are being targeted by hackers exploiting flaws in how Windows handles animated cursors.

The flaw came to light in late March and lets attackers take over vulnerable PCs via booby-trapped websites.

Warcraft players seem to be one of the targets because accounts for the game are potentially worth significant sums of money.

Microsoft has issued a patch for the flaw early to combat the rising number of attacks.

Player power

Security firms tracking how criminal hackers are exploiting the cursor flaw suspect there are many websites hosting the code that can be used to take over vulnerable PCs.

Some of the sites have been specially created but others have been hacked to be unwitting hosts for the infection.

The potential for the flaw to do harm grew significantly with the discovery of a website that automatically generates all the attack files needed to turn a site into a booby-trap.

A large number of criminally-minded hacking gangs are cashing in on the flaw.

One Chinese group known to be using the animated cursor flaw scored some success in February when it managed to hack a Superbowl website and use it to host code for spyware.

Credit card, BBC/Corbis
There is a ready market for card data on the net
Analysis of that malicious software showed that it lay dormant on a victims machine until they ran World of Warcraft (WoW) at which point it captured login data and sent it to the hacking group.

The group's enthusiastic use of the cursor flaw suggests it is trying to do the same again.

The online fantasy game now has more than eight million active players around the world.

Research by security firm Symantec suggests that the raw value of a WoW account is now higher than a credit card and its associated verification data.

One card can be sold for up to $6 (£3) suggests Symantec, but a WoW account will be worth at least $10. An account that has several high level characters associated with it could be worth far more as the gold and rare items can be sold for real cash.

In a bid to head off the growing threat from the animated cursor flaw, Microsoft took the unusual step of releasing a patch for the bug on 3 April.

Usually Microsoft issues security patches on the second Tuesday of every month. The patch for the cursor flaw arrived a week early and Microsoft has been preparing it since December when the bug was first reported.

Windows users can get the patch via automatic updates or visit Microsoft to download it manually.

On its security blog, Microsoft said the patch was released early "to help better protect customers from this threat".

The software giant urged Windows users to download and install the patch.

It said there was a chance that attacks via the vulnerability would increase but had seen little evidence of widespread use yet.


Źródło: BBC News


_________________
Obrazek

**
Avatar użytkownika

Posty: 7080
Dołączył(a): 13.05.2005
Offline
PostNapisane: 7 kwi 2007, 16:42 
Cytuj  
cholera, jak sie nazywa ten patch na stronie microsoftu?


_________________
rufen.@steam
rufenn@psn
rufen@wot

******
Avatar użytkownika

Posty: 3592
Dołączył(a): 30.07.2005
Offline
PostNapisane: 7 kwi 2007, 19:35 
Cytuj  
RufeN napisał(a):
cholera, jak sie nazywa ten patch na stronie microsoftu?

http://www.microsoft.com/technet/securi ... 7-017.mspx


_________________
Obrazek

Wyświetl posty nie starsze niż:  Sortuj wg  
Utwórz nowy wątek Odpowiedz w wątku  [ Posty: 3 ] 


Kto przegląda forum

Użytkownicy przeglądający ten dział: Brak zidentyfikowanych użytkowników i 1 gość


Nie możesz rozpoczynać nowych wątków
Nie możesz odpowiadać w wątkach
Nie możesz edytować swoich postów
Nie możesz usuwać swoich postów

Szukaj:
Skocz do:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group | Theme based on Zarron Media theme | Copyright © 2001-2012 MMORPG.pl Team
Redakcja MMORPG.pl nie ponosi odpowiedzialnosci za tresc komentarzy i odpowiedzi umieszczanych przez uzytkownikow.