Symantec: Phel Trojan Horse Attacks Windows XP   If installed, gives control of your PC to a remote user. Linda Rosencrance, Computerworld Thursday, December 30, 2004 Security firm Symantec is warning users of a newly discovered Trojan horse named Phel--an anagram of the word help--that attacks Windows XP. The Trojan horse is capable of remotely controlling a user's system even if the latest Windows XP service pack, SP2, has been installed. Advertisement The Trojan horse, distributed as an HTML file, attempts to exploit a vulnerability in Internet Explorer's HTML Help Control component in all versions of Windows. The vulnerability was discovered in October. Microsoft is actively investigating new public reports of a criminal attack, according to a Microsoft spokesperson. Don't Visit Strange Places For the exploit to succeed, an attacker would need to entice a user to visit a malicious Web site and then place the Trojan horse on the user's machine. If the Trojan horse executes successfully, potentially malicious software could be downloaded and run on the user's system, the spokesperson says. Microsoft is working to forensically analyze the malicious code in Phel, and will work with law enforcement agencies to identify and bring to justice those responsible for the malicious activity, he says. "Microsoft is taking this vulnerability very seriously, and an update to correct the vulnerability is currently in development," the spokesperson says in an e-mail message. "We will release the security update when the development and testing process is complete, and the update is found to effectively correct the vulnerability." Microsoft says customers in North America who think they may have been affected can receive help with security-update issues or viruses at no charge by calling Product Support Services at 866/727-2338. International customers can receive the same level of support online. Customers in the United States who believe they have been attacked should contact their local FBI office or post their complaint online. Customers outside the United States should contact the national law enforcement agency in their country, the spokesperson says.