| Comments

last week (early last week) i was helping a client who's machine had been infected with a hack that was adding footers in the iis configuration of a site.  what this was doing was outputing javascript that was attempting to insert the download.ject virus on user machines that visited the site.

*last week* i noticed it and the companie's a/v software (mcafee) noticed it as JS/Exploit-DialogArg.B variant (not Download.Ject).  my a/v soft (norton desktop) didn't even notice it.  I could not find any information on the JS/Exploit-DialogArg.B virus def except on mcafee's site stating an “extremely low” warning.

guess what...it wasn't that “extremely low” -- as now download.ject (same thing) is all over the place...and this server *had* the appropriate suggested service pack from ms on it already.  i admit, the clients machine looked like a different hack to get in, but i found it interesting that just now a/v corps are heightening the threat...i contacted both symantec and mcafee with the copy of my variant and they responded with “this is already been designated a low warning as microsoft already has patches that solve this” -- argh.

Please enjoy some of these other recent posts...