Chat rooms hit by Internet flu
By Robert Lemos
December 16, 1997 5:18 PM PST
People using the popular mIRC shareware program for Web
chat are learning first-hand what can happen when the
Internet bugs out.
Antivirus researchers at IBM Corp.'s Watson Research
Laboratories described on Tuesday details of a
in the popular program that allows a malicious
script file to
be sent to users during an online conversation.
"You can use [the hole] to do anything you want to
David Chess, a researcher on staff with the
"So far, we have seen the security hole be used to
chat channels and cause people to say embarrassing
Essentially, the hole makes it possible to send
files to users
in such a way that it becomes part of the mIRC software
itself. The files, if they are scripts, can then be
enabling the attacker to take over the victim's
The controlled computer can then be made to echo all
conversations to another channel, quit the chat
its users list, and -- worst of all -- allow someone
access to its hard drive. The script file can also
be used to
send a copy of itself to another user.
So far, four different scripts exploiting the hole
-- the most infamous one called SCRIPT.INI.
Over the weekend, the creators of the mIRC program
released an updated version [v5.3] with a simple fix
plugs the security hole. The new program gets around the
problem by storing downloads and scripts in different
"Hopefully, the new version of mIRC will make the
go away," said Chess.
If not, another solution may work. As with the
that gene researchers are investigating, Chess said
of the four scripts -- released courtesy of some smart,
anonymous hacker -- blocks all other scripts from being
That's kind of like giving the cold a cold.
Don't ask what you can do for your country, ask what your country can do for you. ...Megadeth
<> firstname.lastname@example.org <>