“Security researchers warned Web surfers on Thursday to be on guard after uncovering evidence that widespread Web server compromises have turned corporate home pages into points of digital infection,” Robert Lemos reports for CNET News.
“The researchers believe that online organized crime groups are breaking into Web servers and surreptitiously inserting code that takes advantage of two flaws in Internet Explorer that Microsoft has not yet fixed. Those flaws allow the Web server to install a program that takes control of the user’s computer,” Lemos reports.
“The extent of the attacks is unknown, but the security community has seen numerous cases of personal computers infected when the user merely visits a Web site. ‘It is not epidemic, but it is being seen,’ said Alfred Huger, senior director of engineering for security company Symantec. ‘Do we think it is serious? Yeah. It’s a concern and it’s insidious.’ …the flaws affect every user of Internet Explorer, because Microsoft has not yet released a patch. Moreover, the infectious Web sites are not just those of minor companies inhabiting the backwaters of the Web, but major companies, including some banks, said Brent Houlahan, chief technology officer of NetSec,” Lemos reports.
“Meanwhile, the average Internet surfer is left with few options. Windows users could download an alternate browser, such as Mozilla or Opera, and Mac users are not in danger,” Lemos reports.
Full article here.
MacDailyNews Take: The fun continues for our long-suffering Windows brethren. Mac users, happy surfing!
Related MacDailyNews article:
Spyware, adware plague Windows users online; Mac OS X users surf freely – April 19, 2004