We’ve just received reports of a New York online newspaper site being hacked, and is now serving malware (a backdoor) through an old exploit. We’ve visited the site (using a test system of course), and true enough, some pages did contain malicious code in them, being installed using an old exploit (MS04-013).
So, it’s always a good idea to keep ALL systems patched. Not only Windows, or Microsoft products, but ALL systems. And, always keep your antivirus programs updated.
Update(JJ, 27 February 2006 22:53:52)
The malicious files are to be detected as: BKDR_DELF.AQM and CHM_DELF.AVL.
