2 replies to this topic

[NeonWizard]

Security researchers warned Web surfers on Thursday to be on their guard after uncovering evidence that widespread Web server compromises have turned corporate home pages into points of digital infection.

The researchers believe that online organized crime groups are breaking into Web servers, surreptitiously inserting code that takes advantage of two flaws in Internet Explorer that Microsoft has not yet fixed. Those flaws allow the Web server to install a program that takes control of the user's computer.

The extent of the attacks is unknown, but the security community has seen numerous cases of personal computers infected when the user merely visits a Web site.

"It is not epidemic, but it is being seen," said Alfred Huger, senior director of engineering for security firm Symantec. "Do we think it is serious? Yeah. It's a concern and it's insidious."

This time, however, the flaws affect every user of Internet Explorer, because Microsoft has not yet released a patch. Moreover, the infectious Web sites are not just those of minor companies inhabiting the backwaters of the Web, but major firms, including some banks, said Brent Houlahan, chief technology officer of NetSec.

Read Article

[wawadave]

and no fix from microsoft yet?

[Otter]

This is why I chose Apache and Linux for my server...
And Firefox for my browser.

Unfortunately, although I'm safe, everyone else isn't.