Another IFrame VML exploit
Following up on a SunBelt blog post ... I noticed the site mentioned wasn't really the problem but the IFrame exploit contained on the page, which produces a Information Bar pop-up in IE7
In researching this culprit I found that the same exploit is being served up on several other sites. 2 of which were discoved by the Microsoft Search Defender project as seen here ... in the first two examples these sites now contain the same IFrame exploit. I suspect these servers have been hacked since Microsoft reviewed them and the IFrame injected.
These culprit sites will be included in the next HOSTS file update ... as the IFrame page was scanned at VirusTotal and was only detected by AntiVir as: EXP/HTML.VML.Gen