Over 500,000 Microsoft IIS Web servers are infected less than a day by a flood of SQL injections, leaving pages with malicious iFrames.
By: Bill Waters
Published: Apr 27, 2008
Updated: Jul 2, 2009
According to Panda Security, the number of infected IIS servers reached 282,000, and security firm F-Secure said the number has risen to 500,000 less than a day later.
A flood of SQL injection attacks on Microsoft Internet Information Servers are leaving Web pages with malicious iFrames in them, and Panda Security is urging network managers to make sure their Web pages haven't been infected.
Microsoft IIS administrators can check to see whether their Web pages are infected with the iFrame code by looking for a specific code string in the source code of the Web page associated to an iFrame tag. The string should be eliminated immediately as it adds new malicious code.
Experts say the vulnerability is due in part by poorly-written SQL code that does not properly examine user input from a Web page form.
The exact vulnerability has not been identified, although suspicions center on an April 17 Microsoft Security Advisory (951306) for which there is not yet a defined patch or other fixes.
Malicious iFrame attacks have seen widespread growth over the past several months. Attackers embed the iFrame code in Web pages to redirect victims to sites for purposes of fraud.
You can share this Microsoft news story with your friends or family from our Technology section. This article can be shared through e-mail or sent to online social Web sites including Twitter, Facebook, MySpace and others. You can choose from one of the options below.
You can catch all the latest news from us @Newsoxy on Twitter.
Get the latest on Hybrid Cars, SUVs, Trucks, and Minivans from our Hybrid Newsletter for free.
