Attack of the Banner Ads

A server hosting banner advertisements was hacked and used to spread some form of malware. Exploiting an as-yet unpatched hole in Internet Explorer, users visiting web sites served by this host (including popular news site The Register) can become infected. The news.com article is vague on the details of what exactly the malware does, except to say that "once compromised by the program, an infected system will allow an attacker to install additional programs." What makes this web server compromise more insidious than average is the nature of banner advertisements: it wasn't just visitors to this specific web server that were vulnerable, it was every web site hosting ads served by the affected host.
Apparently, having Windows XP Service Pack 2 installed prevents infection. If you're running XP but haven't yet installed the Service Pack, do yourself a favor and download it and install it soon. It's a pretty big leap forward in security for XP.
By Chris on November 22, 2004 4:31 PM |