Patch released to fix the vulnerability exploited by the Trojan Hatoy

Posted in GD as a public service. If deemed inappropriate for this forum, Mods please move or lock.

The poster is not an employee of, or in any way associated with Panda Software.
---

Patch released to fix the vulnerability exploited by the Trojan Hatoy

Virus Alerts, by Panda Software (http://www.pandasoftware.com)

Madrid, October 6, 2003 - Microsoft has released a cumulative patch for Internet Explorer that fixes the vulnerability exploited by the Trojan Hatoy to automatically get into computers. This patch can be downloaded from http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
bulletin/MS03-040.asp.

By exploiting this vulnerability, known as Object Type, files can be automatically run when a user simply views a specially crafted web page. This is the method that Hatoy uses to infect computers.

Due to the possibility of new viruses appearing that exploit this flaw, Panda Software recommends that users immediately install the patch and keep their antivirus updated.

Detailed information about Hatoy and other malicious code is available from Panda Software's Virus Encyclopedia at: http://www.pandasoftware.com/virus_info/encyclopedia/.

NOTE: The addresses above may not show up on your screen as single lines. This would prevent you from using the links to access the web pages. If this happens, just use the 'cut' and 'paste' options to join the pieces of the URL.

'cuz it's important

end of message

I've been getting a lot of automatic update notices from Microsoft. Eveb when I've installed them they keep coming up with new ones. Is this unusual?

If you're really backlogged on your patching, that's normal. Some patches fix things from other patches, and so you have to do it kind of piecemeal.

There is a good chance any such messages could be bogus, and could contain a virus. Just three days ago I had to clean an email system at a dental clinic because of an influx of exactly that sort of incoming email-- one computer had received over 300 messages supposedly from Microsoft in less than one hour. They all had attachments. They were all trojans.

Go to the MS Update page and let it scan your system for needed updates. This is the only way you can be certain it's legitimate. NEVER open an attachment if you are not expecting it, even if it appears to be from someone you know.

AND KEEP YOUR ANTIVIRUS DEFINITIONS UP TO DATE (AT LEAST WEEKLY).

Jeez, sometimes I really embarass myself... :evilgrin:

Use the update page, not downloads from emails.

Trojan Clark?