Antivirus Advice for Computer Protection on the Internet




Compromised Websites Hosting Malicious JavaScript

US-CERT is following reports of SQL injection attacks that have compromised a large number of legitimate websites. The compromised websites contain injected JavaScript that attempts to exploit multiple, known vulnerabilities. Users who visit a compromised website may unknowingly execute malicious code.

US-CERT encourages users to do the following to help mitigate the risks of this and similar attacks:

  • Regularly apply software updates and patches provided by vendors.
  • Disable JavaScript and ActiveX as described in the Securing Your Web Browser document.
For more technical information, visit SANS Internet Storm Center at http://ics.sans.org/diary.htnl?storyid=4331.

US-CERT will provide more information as it becomes available.

 







Today's Internet Security Alerts


Popular Words in Security Alerts
fraudulent active malicious september office downloads organizations currently knowledge summary bulletin macintosh malware posted player