It looks like you're using an Ad Blocker.

Please white-list or disable in your ad-blocking tool.

Thank you.


Some features of ATS will be disabled while you continue to use an ad-blocker.


SCI/TECH: Phel Trojan Horse Attacks on Windows XP

page: 1

log in


posted on Dec, 30 2004 @ 03:24 PM
A vulnerability in the Windows SP 2 has given rise to a new trojan horse to exploit that vulnerability. Microsoft has been aware of this vulnerability since October, but has yet to issue a patch. Microsoft is taking the threat seriously and is working with law enforcement, as a result.
Security firm Symantec Corp. is warning users of a newly discovered Trojan horse named Phel -- an anagram of the word help -- that attacks Windows XP. The Trojan is capable of remotely controlling a user's system even if the latest Windows XP Service Pack, SP2, has been installed.
The Trojan horse, distributed as an HTML file, attempts to exploit a vulnerability in Internet Explorer's HTML Help Control component in all versions of Windows. The vulnerability was discovered in October.

Microsoft is actively investigating new public reports of a criminal attack, according to a Microsoft spokesperson.

For the exploit to succeed, an attacker would need to entice a user to visit a malicious Web site and then would have to place the Trojan horse on the user's machine. If the Trojan executes successfully, potentially malicious software could be downloaded and run on the user's system, the spokesperson said.

Microsoft is working to forensically analyze the malicious code in Phel and will work with law enforcement agencies to identify and bring to justice those responsible for the malicious activity, he said.

Please visit the link provided for the complete story.

Yet another vulnerability in the Windows OS. Many have expressed concern that Microsoft has not issued a patch in the two months that they have been aware of the problem. Symantec advises that web surfers should stay away from questionable sites that could install the trojan horse. The trojan can make the infected machine run malicious programs.

Related News Links:


log in