Tuesday, April 29, 2008

Microsoft Web Servers Hacked

Hundreds of thousands of Web sites - including several at the United Nations and in the U.K. government -- have been hacked recently and seeded with code that tries to exploit security flaws in Microsoft Windows to install malicious software on visitors' machines.

The attackers appear to be breaking into the sites with the help of a security vulnerability in Microsoft's Internet Information Services (IIS) Web servers. In an alert issued last week, Microsoft said it was investigating reports of an unpatched flaw in IIS servers, but at the time it noted that it wasn't aware of anyone trying to exploit that particular weakness.

On Thursday, Spanish anti-virus vendor Panda Security said that it had alerted Microsoft that a flaw IIS was the cause of all the break-ins. When I asked Microsoft whether they'd heard from Panda or if the hundreds of thousands of sites were hacked from a patched or unpatched flaw in IIS, a spokesman for the company didn't offer much more information.

According to Finnish anti-virus maker F-Secure, the number of hacked Web pages serving up malicious software from this attack may be closer to half a million.

Washington Post