Log in
Register
Menu
Log in
Register
Home
What's new
Latest activity
Authors
Forums
New posts
Search forums
What's new
New posts
Latest activity
Members
Current visitors
New posts
Search forums
Menu
Log in
Register
Install the app
Install
Forums
Miscellaneous Sections
Tech Head - The Technology Section
Tech News feeds.
Hundreds of thousands of Microsoft servers hacked
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="The Feedster" data-source="post: 511644" data-attributes="member: 259515"><p>Hundreds of thousands of websites, including ones <a href="http://blogs.guardian.co.uk/technology/2008/04/27/hundreds_of_thousands_of_microsoft_web_servers_hacked_fail.html" target="_blank">owned by the UK Government</a> and the United Nations have been hacked into and infected with malicious code that attempts to install malware on visitors’ computers.</p><p>The attackers are reported to be exploiting a security vulnerability in Microsoft's Internet Information Services (IIS) web servers. Microsoft <a href="http://www.microsoft.com/technet/security/advisory/951306.mspx" target="_blank">said last week</a> that it was investigating reports of an unpatched flaw in IIS servers, but wasn’t aware of anyone trying to exploit the weakness at the time.</p><p><strong>Malicious code</strong></p><p>According to online security firm <a href="http://www.f-secure.com/weblog/archives/00001427.html" target="_blank">F-Secure</a>, visitors to infected sites are being silently redirected via Javascript to three different domains hosting malicious code. These domains secretly attempt eight different exploits to install an online gaming Trojan on target machines.</p><p>Although the attack appears to be limited to websites using Microsoft IIS Web Server and Microsoft SQL Server, F-Secure is not laying the blame solely at the feet of Microsoft.</p><p>"So far we've only seen websites using Microsoft IIS Web Server and Microsoft SQL Server being hit. Do note that this attack doesn't use vulnerabilities in any of those two applications. What makes this attack possible is poorly written ASP and ASPX (.net) code," F-Secure said in an update.</p><p></p><p></p><p><a href="http://www.techradar.com/news/computing/hundreds-of-thousands-of-microsoft-servers-hacked-331679" target="_blank">More...</a></p></blockquote><p></p>
[QUOTE="The Feedster, post: 511644, member: 259515"] Hundreds of thousands of websites, including ones [URL="http://blogs.guardian.co.uk/technology/2008/04/27/hundreds_of_thousands_of_microsoft_web_servers_hacked_fail.html"]owned by the UK Government[/URL] and the United Nations have been hacked into and infected with malicious code that attempts to install malware on visitors’ computers. The attackers are reported to be exploiting a security vulnerability in Microsoft's Internet Information Services (IIS) web servers. Microsoft [URL="http://www.microsoft.com/technet/security/advisory/951306.mspx"]said last week[/URL] that it was investigating reports of an unpatched flaw in IIS servers, but wasn’t aware of anyone trying to exploit the weakness at the time. [B]Malicious code[/B] According to online security firm [URL="http://www.f-secure.com/weblog/archives/00001427.html"]F-Secure[/URL], visitors to infected sites are being silently redirected via Javascript to three different domains hosting malicious code. These domains secretly attempt eight different exploits to install an online gaming Trojan on target machines. Although the attack appears to be limited to websites using Microsoft IIS Web Server and Microsoft SQL Server, F-Secure is not laying the blame solely at the feet of Microsoft. "So far we've only seen websites using Microsoft IIS Web Server and Microsoft SQL Server being hit. Do note that this attack doesn't use vulnerabilities in any of those two applications. What makes this attack possible is poorly written ASP and ASPX (.net) code," F-Secure said in an update. [url=http://www.techradar.com/news/computing/hundreds-of-thousands-of-microsoft-servers-hacked-331679]More...[/url] [/QUOTE]
Insert quotes…
Verification
Post reply
Forums
Miscellaneous Sections
Tech Head - The Technology Section
Tech News feeds.
Hundreds of thousands of Microsoft servers hacked
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.
Accept
Learn more…
Top