Jump to content


Corporate webservers infecting visitors' PCs

  • Please log in to reply
2 replies to this topic

#1 NeonWizard


    Security Geek

  • Full Member
  • Pip
  • 49 posts

Posted 24 June 2004 - 10:05 PM

Security researchers warned Web surfers on Thursday to be on their guard after uncovering evidence that widespread Web server compromises have turned corporate home pages into points of digital infection.

The researchers believe that online organized crime groups are breaking into Web servers, surreptitiously inserting code that takes advantage of two flaws in Internet Explorer that Microsoft has not yet fixed. Those flaws allow the Web server to install a program that takes control of the user's computer.

The extent of the attacks is unknown, but the security community has seen numerous cases of personal computers infected when the user merely visits a Web site.

"It is not epidemic, but it is being seen," said Alfred Huger, senior director of engineering for security firm Symantec. "Do we think it is serious? Yeah. It's a concern and it's insidious."

This time, however, the flaws affect every user of Internet Explorer, because Microsoft has not yet released a patch. Moreover, the infectious Web sites are not just those of minor companies inhabiting the backwaters of the Web, but major firms, including some banks, said Brent Houlahan, chief technology officer of NetSec.

Read Article

#2 wawadave


    Advanced Member

  • Full Member
  • PipPipPip
  • 126 posts

Posted 26 June 2004 - 02:37 PM

and no fix from microsoft yet?
Putting quotes around posts does not protect you from copy right infringement.</b>
<img src="http://img54.photobu...r_wawadave.gif" border="0" alt="IPB Image" />

#3 Otter



  • Full Member
  • Pip
  • 14 posts

Posted 26 June 2004 - 03:11 PM

:p :rofl:

This is why I chose Apache and Linux for my server...
And Firefox for my browser. :)

Unfortunately, although I'm safe, everyone else isn't.
The Wereotter
Posted Image
Disabling System Restore (for XP)
Online Virus Scanners
Spybot Search & Destroy
Lavasoft Adaware
Javacool's SpywareBlaster
Javacool's SpywareGuard
Malware-Blocking HOSTS File
If you encounter any broken links, please inform me of them (virusmagnet1@viruswatch.ath.cx). Also note that these links direct through my web server to allow me to keep them up-to-date or post additional info.

Member of UNITE
Support SpywareInfo Forum - click the button