Rants, rambles, news and notes from another geek

Configuration Change to Protect Against Download.Ject

One of my good friends in the local MS district just sent me this:

Microsoft teams have confirmed a report of a security issue known as Download.Ject affecting customers using the Microsoft Internet Information Services 5.0 (IIS) and Microsoft Internet Explorer components of Windows. (Download.Ject is also known as JS.Scob.Trojan, Scob, and JS.Toofeer.)

As a valued partner, we are contacting you so that you have the information and resources you need to help address any security issues that may arise with your customers.

Microsoft Product Support Alert Details:

Microsoft has released a configuration change that addresses the recent malicious attack against Internet Explorer known as Download.JECT.

In addition, Microsoft has released a Knowledge Base article, 870669, that provides information that administrators can use to implement this change manually in their environment and to deploy the change across their networks.&nbsp_place_holder; Partners can also leverage this information to implement changes on behalf of their customers.&nbsp_place_holder; This Knowledge Base article is available here:

http://support.microsoft.com/default.aspx?kbid=870669

We recommend that you encourage your customers to review the information in the Knowledge Base article, then test and deploy the change immediately in their environments, if applicable.

If you or your customers have any questions regarding the security updates or its implementation after reading the above listed bulletin, you or your customers should contact Product Support Services in the United States at 1-866-PCSafety (1-866-727-2338).&nbsp_place_holder; International customers should contact their local subsidiary.

Thank you,

Microsoft PSS Security Team

Everyone needs to pay attention to this. It is a nasty one.

Now playing: Porcupine Tree - Heartattack In a Layby