Sheesh...
Chat rooms hit by Internet flu
By Robert Lemos
December 16, 1997 5:18 PM PST
ZDNN
People using the popular mIRC shareware program for Web
chat are learning first-hand what can happen when the
Internet bugs out.
Antivirus researchers at IBM Corp.'s Watson Research
Laboratories described on Tuesday details of a
security flaw
in the popular program that allows a malicious
script file to
be sent to users during an online conversation.
"You can use [the hole] to do anything you want to
do," said
David Chess, a researcher on staff with the
antivirus group.
"So far, we have seen the security hole be used to
take over
chat channels and cause people to say embarrassing
things."
Essentially, the hole makes it possible to send
files to users
in such a way that it becomes part of the mIRC software
itself. The files, if they are scripts, can then be
executed,
enabling the attacker to take over the victim's
computer.
The controlled computer can then be made to echo all
conversations to another channel, quit the chat
room, alter
its users list, and -- worst of all -- allow someone
else
access to its hard drive. The script file can also
be used to
send a copy of itself to another user.
So far, four different scripts exploiting the hole
have surfaced
-- the most infamous one called SCRIPT.INI.
Over the weekend, the creators of the mIRC program
released an updated version [v5.3] with a simple fix
that
plugs the security hole. The new program gets around the
problem by storing downloads and scripts in different
folders.
"Hopefully, the new version of mIRC will make the
problem
go away," said Chess.
If not, another solution may work. As with the
"magic bullet"
that gene researchers are investigating, Chess said
that one
of the four scripts -- released courtesy of some smart,
anonymous hacker -- blocks all other scripts from being
downloaded.
That's kind of like giving the cold a cold.
--Don't ask what you can do for your country, ask what your country can do for you. ...Megadeth
<> tbyars@earthlink.net <>