Newly found Vulnerabilities03/13/08:
Compromised Websites Redirect Users to Malicious Websites
We have seen reports of an attack that has compromised a
large number of legitimate websites. The reports indicate that attackers are
modifying the sites and embedding JavaScript code. Users who visit one of these
infected websites may be unknowingly redirected to a malicious websites. These
malicious websites may then attempt to exploit known vulnerabilities for which
patches are available but have not yet been applied to the victim's system.
We will like to remind users to regularly apply software updates and patches
provided by vendors to help mitigate the risk of this and similar type attacks.
Users are also encouraged to disable JavaScript and ActiveX.