PATCH YOUR SYSTEMS!!!! Over 1 million myspace.com users infected by an old exploit...
Why don't people patch their machines?? Over one million visitors to various myspace.com pages have been infected via the WMF exploit that was patched back in JANUARY.
This scares me.. Microsoft can only do so much to protect users from themselves. The use of this exploit has been such an amazing success for the bad guys that you can bet it is going to continue to happen. We can't depend on site owners to spot the bad guys when they try dirty tricks like this.
I see from the article that Webshots was also targeted.. another immensely popular Web site.
The days are gone where we can say that they don't have to worry about patching or antivirus protection because we only go to "safe" sites. These past six months or so have seen Web sites hacked and used to infect visitors, exploits being pushed out via pop-up advertisements and embedded ads and hardware driver updates being infected with viruses.
Basically, any site that shows advertisements, whether it be via pop-up advertisements (unless generated in-house) or embedded advertisements is a potential source of infection, so what do we do?
We can use a protective HOSTS file, such as that available at http://www.mvps.org/winhelp2002/hosts.htm, but the sites that serve up the bad stuff change from day to day. This may not protect you from cutting edge stuff.
We can use antivirus and antispyware, but such products are simply not detecting everything that is out there:
It is imperative that computers are patched as quickly as possible after a security update is released. The time between an exploit becoming public, and it being used by the bad guys, is getting shorter and shorter.
Update to Internet Explorer 7 to reduce the attack surface available to the bad guys.
Another protective step is to block all advertisements. My firewall, for example, has an "HTML ad string blocking" option. If you don't see the banner ads, they can't infect you.
Use a pop-up blocker for the same reason.
To give you an idea of how widespread this problem is becoming, remembering that I hear about only a tiny portion of the attacks that are happening out there, here are some historical entries warning of various compromised sites and downloads...
Capital City Bank, Wakulla Bank and Premier Bank
Messenger Plus! sponsor advertising sponsors serving malware:
HP files infected with virus: