|
(Cross-posted to Ignite/400 and Midrange-nontech) A major Microsoft IIS security blowup: http://isc.sans.org/diary.php?date=2004-06-24 http://isc.sans.org/ Microsoft IIS servers worldwide are getting terrorized (nobody knows how, nobody is sure by whom, but it seems to be a Russian site) with a hugely virulent hack. The virus causes a footer to be appended to every page sent from the server which in turn hacks any machine visiting the site using MSIE. The hack on the visiting machine is SEVERELY dangerous. It downloads one of a variety of payloads, from keystroke loggers to backdoors, but here's the kicker: "The javascript uses a so far unpatched vulnerability in MSIE to download and execute the code. No warning will be displayed. The user does not have to click on any links. Just visiting an infected site will trigger the exploit." I want to be clear, this is no drill: hackers have ALREADY infected Microsoft IIS servers worldwide with a severe virus. This virus IN TURN will infect any MSIE browser that is vulnerable (which is currently just about all MSIE browsers) and will WITHOUT WARNING download and install software from a site in Russia to spy on, take control of, or disable your PC. Haven't we had enough of this yet? Can we for once and for all just dump IIS on the trashheap of software history where it belongs? Joe
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
