Monday, February 3, 2003
There's a new phrase for an old threat, "drive-by downloads." There are several
companies, which, following in the footsteps of the many virus writers which
preceded them, hijack the browser, replacing the home page, popping up banner
ads, and secretly installing more software on the unsuspecting user's computer.
They do so under the guise of providing you with an Internet Explorer toolbar.
Toolbars are those rows of icons across the top of a program. Toolbars provide
quick access to oft-used commands such as printing. In your toolbar right now,
you probably have "back" and "forward" buttons. Microsoft's Internet Explorer
Web browser offers developers the ability to provide customized toolbars such
as the Google Toolbar, which provides
quick access to Google's search features. Other toolbars display stock quotes
or current news.
A company called Xupiter also provides an Internet Explorer toolbar. If your security
settings are low, [ed. Thick sarcasm] they are even so kind as to automatically
install the toolbar for you. If not, then you have to agree to allow them to
install the toolbar. Once installed, Xupiter changes the victim's home page and
redirects all searches to the Xupiter site.
Xupiter victims are inundated with pop-up ads, including ads for casinos. They
also experience odd browser behavior such as form fields self-populating with
random text. Like most poorly written software, the Xupiter uninstall does
not work. Of course, as is true with viruses, the user was never meant to uninstall
The only prevention is to make sure your Internet Explorer security settings
are set appropriately. For most people, the default settings are appropriate.
We have provided instructions
on how to reset your Internet Explorer security settings to their default values
in the Frequently Asked
Questions portion of our site.
It is worth noting that, in the infamous anti-trust case against Microsoft,
Microsoft argued that Internet Explorer could not be removed from Windows, that
it was tied to the operating system and not just a program that ran on top of
it. Others testified against this, arguing that, though not easily accomplished,
Internet Explorer could be "uninstalled" from Windows.
Regardless of which you choose to believe, Internet Explorer is undeniably integrated
into Windows at a lower level than just about any other program. As such, installing
any program which makes changes to Internet Explorer can be dangerous. This
is especially true of applications which offer to "customize" Internet Explorer,
speed up your Web browsing experience, or help improve your searches. Such seemingly
benign programs may render your entire system unusable.
If this isn't reason enough to use caution when installing Internet Explorer
toolbars and plug-ins, then consider the security ramifications. Many programs
use Internet Explorer to accomplish their tasks. This is even true of viruses,
many of which exploit vulnerabilities in Internet Explorer to deliver their
payload. So, consider your security and privacy before installing an application
which integrates into Internet Explorer and may change your security settings
to something less restrictive than their default values.