IE flaws used to spread pop-up toolbar

Found on ZD Net on Wednesday, 09 June 2004

An adware purveyor has apparently used two previously unknown security flaws in Microsoft's Internet Explorer browser to install a toolbar on victims' computers that triggers pop-up ads, researchers said this week.

Microsoft learned of the issue when a security researcher posted an analysis of the problem to the Full Disclosure security mailing list Monday. The software giant has already contacted the FBI and is in the "early stages" of building the case, Toulouse said. The company is considering creating a patch quickly and releasing it as soon as possible, rather than waiting for its usual monthly update.

The flaws are apparently being used to install the I-Lookup search bar, an adware toolbar that is added to IE's other toolbars. The adware changes the Internet Explorer home page, connects to one of six advertising sites and frequently displays pop-ups--mainly pornographic ads, according to an adware advisory on antivirus company Symantec's Web site.

Ok, I can see a point when computers are hijacked for illegal activities; but us�ng an exploit for mareketing? I-Lookup must be aware of the fact that this will get them in troubles quickly.

Browse all articles« Previous « » Next »