[ISN] Bofra exploit hits The Register's ad serving supplier

InfoSec News isn at c4i.org
Mon Nov 22 07:11:58 EST 2004


By Team Register
21st November 2004 

Important notice: Early on Saturday morning some banner advertising
served for The Register by third party ad serving company Falk AG
became infected with the Bofra/IFrame exploit. The Register suspended
ad serving by this company on discovery of the problem.

Bofra/IFrame is a currently unpatched exploit which affects Internet
Explorer 6.0 on all Windows platforms bar Windows XP SP2. If you may
have visited The Register between 6am and 12.30pm GMT on Saturday, Nov
20 using any Windows platform bar XP SP2 we strongly advise you to
check your machine with up to date anti-virus software, to install SP2
if you are running Windows XP, and to strongly consider running an
alternative browser, at least until Microsoft deals with the issue.

We have asked Falk for an explanation and for further details of the
incident, and pending this we do not intend to restart ad-serving via
the company. Falk will, we understand, be making a statement regarding
the matter on Monday.

Although the matter was beyond our direct control, we do not regard it
as acceptable for any Register reader to be exposed in this way, and
wish to apologise sincerely to anyone who was. Further information
about this particular exploit is available here [1] or here [2].

[1] http://www.theregister.co.uk/2004/11/04/ie_iframe_vuln/
[2] http://www.theregister.co.uk/2004/11/10/bofra_worm/

More information about the ISN mailing list