"A Classic Drive By Attack" is what this article says.
So Microsoft Outlook has another bug that allows machines to be infected and taken over without the users clicking on an attachment or anything.
Plus many other security holes, in Office, and other security holes that have to be patched manually. I always hear much gnashing of teeth and wailing over the high cost of hiring the staff to administer Linux or Unix boxes, but once you install a Linux box, and once it's configured and running, administration is minimal.
I used to fix the Windoze boxes of family and friends when they got infected with a virus or malware, or crippled by spyware. Not anymore, now when someone brings me an infected box, I give them two options. Let me install Linux, or take it to someone else. So far nobody has turned me down. And of the 10 friends/family I have installed Linux for over the last two years, none of them have had a single virus or blue screen of death or other system issue. I also haven't received a single phone call about how does this work or that work, or this broke or that broke.
This has been typical of the Windoze environment ever since Windoze for Workgroups when they added networking and allowed the rest of the world in. I just don't get why people continue to buy the marketing hype of Redmond and continue to throw money at this swiss cheese platform.
And if you haven't worked with Windoze 2008 Server yet, let me tell you, you are in for big administration headaches and backwards compatability issues. In order to try to fill the holes in their swiss cheese, so many security "features" have been added, it pretty much rewrites the book on configuration of security on one of these machines. Things like authentication and networked filesystems and file permissions are very much fubar'd and require a whole new level of expertise to configure and maintain.
So to close, I'll relate a story. A friend of mine asks me about why their machines are running so slow in their office. This friend tells me they are going to buy new machines because everything is so slow now. I tell them, they probably have some kind of virus or malware, or something slowing the machines down and they don't need new hardware.
I speak with the business owner, and she tells me that everything runs great, it's just the slow machines. She also tells me Windoze if fine for their office (she forgets the compatability issues they had last month where people couldn't read each others documents).
The next day, this same business owner is reading e-mail and all of a sudden, a picture of a woman lacking clothing, doing the spread eagle appears on her screen. Needless to say, I went by their office and ran malware and anti-virus scan's on all the machine in the office. Turns out only one of the machines wasn't infected with multiple virus'
The moral to the story here is get off of the Redmond crack. Take the needle out and put something in your business that isn't prone to getting attacked every month from some new threat. It's great that there are security patches available, but before there is a patch, someone has to find the bug, and by the time you get the patch, it's already probably too late. Kinda like the old saying of "Closing the barn door after the horse is already gone".
