[ Thanks to Steven J.
Vaughan-Nichols for this link. ]
“As you no doubt know, the latest Internet Explorer exploit,
Download.Ject, escalates security problems to the
lose-your-life-savings point for users. Do business with an
infected bank site and user keystrokes get logged and sent to a
‘bad guy’ server. Yow!“As of this writing, nobody knows exactly how the Windows-based
IIS was infected, except the perpetrators. It appears that even
some fully patched servers were affected. Worse still, it’s not
clear how to prevent this kind of IIS attack from happening
again…”