Tim Heuer

| Comments

last week (early last week) i was helping a client who's machine had been infected with a hack that was adding footers in the iis configuration of a site.  what this was doing was outputing javascript that was attempting to insert the download.ject virus on user machines that visited the site.

*last week* i noticed it and the companie's a/v software (mcafee) noticed it as JS/Exploit-DialogArg.B variant (not Download.Ject).  my a/v soft (norton desktop) didn't even notice it.  I could not find any information on the JS/Exploit-DialogArg.B virus def except on mcafee's site stating an “extremely low” warning.

guess what...it wasn't that “extremely low” -- as now download.ject (same thing) is all over the place...and this server *had* the appropriate suggested service pack from ms on it already.  i admit, the clients machine looked like a different hack to get in, but i found it interesting that just now a/v corps are heightening the threat...i contacted both symantec and mcafee with the copy of my variant and they responded with “this is already been designated a low warning as microsoft already has patches that solve this” -- argh.

Please enjoy some of these other recent posts...

About Tim

Tim is a program manager at Microsoft, working on .NET and developer tools (formerly UI frameworks including WPF, Silverlight, UWP, and WinUI). In the past Tim worked as software developer for various healthcare and consulting companies building client and web applications. Personally Tim is an avid cyclist.

Sponsored By

Comments