We have received numerous links, even resulting to more than a hundred, which aim to redirect the user to a specific URL. These malicious links may follow the following format:
http://{varies}.nl/info.html
All of these links have exactly the same contents, an encrypted script, which redirects those unlucky enough to click the malicious link to a malicious HTML file. This is now detected as HTML_MULTIEX.A
It takes advantage of the following Microsoft vulnerabilities:
MS03-011
MS05-001
MS05-013
The HTML exploits the target PC depending on certain conditions. Some of the conditions include the operating system of the target because exploits are usually OS-dependent.
So, what’s the moral lesson of the story? Always update your computers with the latest patches, you’ll never know if the website you stumbled into is malicious or not. Better safe than sorry eh?
http://{varies}.nl/info.html
All of these links have exactly the same contents, an encrypted script, which redirects those unlucky enough to click the malicious link to a malicious HTML file. This is now detected as HTML_MULTIEX.A
It takes advantage of the following Microsoft vulnerabilities:
MS03-011
MS05-001
MS05-013
The HTML exploits the target PC depending on certain conditions. Some of the conditions include the operating system of the target because exploits are usually OS-dependent.
So, what’s the moral lesson of the story? Always update your computers with the latest patches, you’ll never know if the website you stumbled into is malicious or not. Better safe than sorry eh?