IE vulnerability update

What You Should Know About Download.Ject

Published: June 24, 2004 | Updated June 26, 2004 8:45 P.M. Pacific Time

http://www.microsoft.com/security/images/blast_globe.jpgGet this information in additional languages

Microsoft teams are investigating a report of a security issue known as Download.Ject affecting customers using Microsoft Internet Information Services 5.0 (IIS) and Microsoft Internet Explorer, components of Windows. (Download.Ject is also known as: JS.Scob.Trojan, Scob, and JS.Toofeer.)

Important Customers who have deployed Windows XP Service Pack 2 RC2 are not at risk.





​

Reports indicate that Web servers running Windows 2000 Server and IIS that have not applied update 835732, which was addressed by Microsoft Security Bulletin MS04-011, are possibly being compromised and being used to attempt to infect users of Internet Explorer with malicious code.



How to Help Protect Your Systems

• System administrators. System administrators should follow the steps outlined in Knowledge Base Article 871277 to apply update 835732 and take any recovery steps that may be necessary.
• Enterprise customers. Enterprise customers can minimize risk by increasing the security of the Local Machine Zone in Internet Explorer.
• Home users. Use the following steps to update your computer, remove any infection, and increase your browsing and e-mail safety settings.

http://www.microsoft.com/security/images/RedbarTop.gif



http://www.microsoft.com/security/images/ActionHdr.gifActions for Home Users

http://www.microsoft.com/security/images/red_line.gif1.

Install Critical Updates

Visit the Windows Update Web site to install all critical updates.

2.

Check for Infection

To determine if the malicious code is on your computer, search for the following files:

• Kk32.dll
• Surf.dat

Steps for Windows XP users
If either of these files is present, your computer may be infected. You can find tools to clean your computer and obtain up-to-date antivirus protection from the following software vendors participating in the Microsoft Virus Information Alliance:
www.symantec.com
www.mcafee.com


3.

Increase Your Browsing and E-Mail Safety

Follow the steps outlined on the page to Increase Your Browsing and E-Mail Safety.

 

Hey Nadirah, Thanks for the tip on the Browser and E-Mail bit. I checked and reset my settings as they were way off. I learn something new most every time I come to this site.

big ed