Newly found
Vulnerabilities04/26/08:
Compromised Websites Hosting Malicious JavaScript
We are following reports of SQL injection attacks that have
compromised a large number of legitimate websites. The compromised websites contain
injected JavaScript that attempts to exploit multiple, known vulnerabilities.
Users who visit a compromised website may unknowingly execute malicious code.
We encourage users to do the following to help mitigate the risks of this and
similar attacks:
Regularly apply software updates and patches
provided by vendors.
Disable JavaScript