Check Point Reference: | CPAI-2008-045 |
Date Published: | 26 Mar 2008 |
Severity: | High |
Last Updated: | Tuesday 01 January, 2008 |
Source: | http://www.2squared.com/glossary_details.php?ID=133895 http://spywaresignatures.com/details.php?spyware=kword.interkey http://spywaresignatures.com/details.php?spyware=eclickztoolbar http://www.paretologic.com/resources/definitions.aspx?remove=Locmag%20Toolbar |
Protection Provided by: | |
Who is Vulnerable? | Microsoft Windows clients |
Vulnerability Description | Malware is a software designed to infiltrate or damage a computer system without the owner's informed consent. It is a general name for a variety of forms of hostile, intrusive, or annoying programs like Viruses, worms, Adware, Trojans, and spyware that exploit unprotected clients, using network access to intrude upon organizations, destroying or stealing data. Spyware is computer software that is installed without the user's informed consent on a personal computer to intercept or take partial control over the user's interaction with the computer. Spyware programs can collect various types of personal information, install additional software, redirect Web browser activity, or divert advertising revenue to a third party. Adware is an advertising-supported software package which automatically plays, displays, or downloads advertising material to a computer after the software is installed on it or while the application is being used. A Trojan horse is a program that installs malicious software while under the guise of doing something else. Trojans are known for installing backdoor programs which allow unauthorized non permissible remote access to the victim's machine by unwanted parties with malicious intentions. |
Vulnerability Details | The update includes new protections against 4 recent malware threats: Spyware: IECodec - IECodec is a spyware used to fool users into downloading Trojans by pretending to be a codec. This malicious application has the ability to frighten users by posting what seem to be authentic messages from the Windows Security Center, including message dialogs that post a warning of a security danger. Clicking on one will launch a fake anti-Spyware scanner, which produces exaggerated reports of an infection, scaring users to enter their credit card number in order to "clean" the infections. Toolbar: Eclickz - Eclickz Toolbar is an advertising software that may include ads, pop-ups, banners and embedded links within webpage. It also hijacks user's homepage and address bar. Toolbar: Locmag - Locmag Toolbar is an Internet Explorer toolbar that is a Japanese adware that comes in the form of a browser plugin. It displays popup ads depending on the user's surfing behavior, hijacks the address bar, redirects the search engine, and updates the toolbar without user's consent. Toolbar: Kword Interkey - Kword Interkey is an Internet Explorer Toolbar that changes the browser's settings and hijacks the address bar. It logs information without the user's consent and displays ads depending on the user's surfing habits. |