Attack Under Way
A multi-pronged attack is currently underway against both Internet
Sites and web users. This attack is unprecedented in both its speed
of spread and its severity. Under attack are Microsoft IIS web
servers and Microsoft's web browser, Internet Explorer.
The attack compromises web servers, including some major sites, and
inserts code into the web site which will infect visitors to the site
who are using Microsoft's Internet Explorer. The infection will
install software which allows the bad guys to take control of the
infected computers, which they then use to gather passwords, financial
data and launch attacks against others.
DON'T USE INTERNET EXPLORER DURING THIS ATTACK (if you can avoid it).
Microsoft has not issued a patch to fix the latest vulnerabilities,
although they are working on it. Keep an eye on
windowsupdate.microsoft.com for patches/fixes. As an alternative you
may want to consider using one of Netscape's free products, or Opera
If you're running IIS, make sure that you have applied all server
patches available from Microsoft. It is believed that this attack may
be using new approaches for which fixes may not exist.
Security experts say Russian hackers are using a sophisticated attack
to compromise major E-commerce Web sites, which then infect visitors
with hacker tools designed to steal passwords and financial data, and
possibly spew spam.
Government and industry experts warned late yesterday of a mysterious,
large-scale Internet attack against thousands of popular Web
sites. The virus-like infection tries to implant hacker software onto
the computers of all visitors to those sites.