Hundreds of thousands of Microsoft web servers hacked; including government servers
Sunday, April 27, 2008 - 01:49 PM EST"Hundreds of thousands of Web sites - including several at the United Nations and in the U.K. government -- have been hacked recently and seeded with code that tries to exploit security flaws in Microsoft Windows to install malicious software on visitors' machines," Brian Krebs reports for The Washington Post.
"The attackers appear to be breaking into the sites with the help of a security vulnerability in Microsoft's Internet Information Services (IIS) Web servers," Krebs reports.
"On Thursday, Spanish anti-virus vendor Panda Security said that it had alerted Microsoft that a flaw IIS was the cause of all the break-ins. When I asked Microsoft whether they'd heard from Panda or if the hundreds of thousands of sites were hacked from a patched or unpatched flaw in IIS, a spokesman for the company didn't offer much more information," Krebs reports.
"'Microsoft is currently aware of and is receiving reports regarding public claims of attacks on IIS Web servers,' said Bill Sisk, a security response manager at Microsoft, in a statement e-mailed to Security Fix. 'While we have not be [sic] contacted directly regarding these reports, we will continue to monitor all reports either publically [sic] shared or responsibly disclosed and investigate once sufficient details are provided. We have not yet determined whether or not these reports are related to Microsoft Security Advisory (951306) released last week,'" Krebs reports.
"According to Finnish anti-virus maker F-Secure, the number of hacked Web pages serving up malicious software from this attack may be closer to half a million," Krebs reports.
Full article here.
[Thanks to MacDailyNews Reader "RadDoc" for the heads up.]
MacDailyNews Take: UNIX 03 compliance, cross-platform capabilities, and no client-access licenses make Mac OS X Server v10.5 Leopard a rock-solid network foundation. Mac OS X Server v10.5 Leopard brings its enhanced multicore performance, astounding system improvements, and powerful new features to Xserve. Now you can easily set up and manage servers, add new clients to the network, share calendars, schedule meetings, and more. Leopard Server is built on a fully compliant UNIX foundation. This rock-solid core provides the stability, performance, and security that organizations require — and full UNIX conformance ensures compatibility with existing server and application software. An Open Brand UNIX 03 Registered Product, Mac OS X Server can compile and run all your existing UNIX code. So you can deploy it in environments that demand full conformance, complete with hooks to maintain compatibility with existing software. With out-of-the-box support for Mac, Windows, UNIX, and Linux clients, Xserve is the easiest way to provide powerful, innovative network and Internet services for multiplatform workgroups. And there are no client-access licenses, which means no extra fees. Leopard Server supports 64-bit addressing and large LUNs without requiring you to buy a special enterprise version. Buy Xserve with Mac OS X Server v10.5 Leopard Unlimited-Client Edition for just $2,999.
MacDailyNews and iPodDailyNews are Apple Store affiliates and if you buy something from the Apple Store within 24-hours after clicking any one of our Apple Store ads, we will receive an affiliate percentage from Apple. There is no extra cost to you. Canadians please use this link: Apple Store Canada. Thank you in advance for helping to support MacDailyNews and iPodDailyNews.
Apple Store Advertisements:
• The all-new 13-inch MacBook. The next generation of notebooks starts at $1299.
• The all-new 15-inch Macbook Pro. New design. New features. New technologies. From $1999.
• The all-in-one iMac. Now at speeds up to 3.06GHz. Free shipping. From $1199.
• iPod touch. The funnest iPod ever. Starting at $229. Free Shipping.
• iPod nano. New design. New features. Starting at $149. Free shipping.
• Visit the Apple Store today. Free ground shipping on all orders over $50.
MacDailyNews on Twitter
Related articles:
Datamation: Apple Xserve ‘an accessible, low-fuss route to hefty server power’ - April 07, 2008
Macworld UK gives Apple’s Mac OS X 10.5 Leopard Server 4 out of 5 stars - February 25, 2008
Apple introduces new Xserve, the most powerful Apple server ever - January 08, 2008
CNBC’s primary network storage? Apple Xserves with dual 15TB Xserve RAIDs and Apple Xsan - December 20, 2007
Apple’s Mac OS X Leopard, Mac OS X Server Leopard awarded UNIX 03 certification - November 19, 2007
InformationWeek: Apple’s Max OS X Leopard Server is sleek, fast, and business-ready - November 03, 2007
= 
XSERVE ad right in the middle - CLASSIC!