Users of Microsoft Internet Explorer and Windows XP Service Pack 2 (SP2) are vulnerable to infection by the Bofra worm, downloaded through website banner ads.
The Bofra worm, previously described only as a variant of the MyDoom worm, takes advantage of the iFrame vulnerability in Microsoft Internet Explorer; Microsoft has not yet been able to release a patch that repairs this security hole. According to SANS Internet Storm Center, sites in the U.K., the Netherlands and Sweden have been infected, including The Register, tech website. The Register advises users who visited the site between 6:00 A.M. and 12:30 P.M. GMT on Saturday November 20, 2004, to check their machines for possible infection by the Bofra worm.
Bofra Skirts Antivirus Software
The more significant problem is that the Bofra worm, which is a spyware application cannot be detected by most antivirus software applications. Repairing the effects of this worm are difficult and costly. The effect of the worm is so many popups and unwanted software installations that the computer will slow to a crawl and be, effectively, useless. Many users will be forced to rebuild their drives from scratch, starting with a reformatting and reinstallation of Windows.
Affected users who are fortunate to not lose all of their data files will do well to rebuild their computer and stop using Microsoft’s integrated web browser. Until Microsoft is able to take security seriously and create a stable, secure browsing platform, Windows users should move to alternative web browsers such as Firefox or Opera.
Call for Comments
What do you think? Leave your comments below.
SANS Internet Storm Center