Microsoft IIS Receives Google Attack Code
According to the news published by Computerworld on June 5, 2007, Google Inc's research has found that websites that run Microsoft's Corp Web server have more susceptible to host harmful codes.
Last month (May), Google's Anti-malware team examined those 70,000 domains, which either host attack code or distributed malware. According to the news by Computerworld on June 5, 2007, Nagendra Modadugu of Google's wrote in a blog, Microsoft IIS (Internet Information Services) has almost double the number of distribution of harmful codes as compared to the samples of servers throughout the Internet.
Google Anti malware team's report notifies, it has been noted that it was because of the compromise of servers (password theft via key logging, remote exploits) that some of them use malware, while some of the servers serve malware by their employees.
The servers of Apache and IIS, together, host around 89% of total websites and further they are the real cause behind 98% of malware activities on Web. Google found that it was both the websites of IIS and Apache which host harmful software, but due to the greater number of sites hosted by the servers of Apache 66% as against 23% of Microsoft; harmful sites are more likely to connect with the server of IIS.
As per a security researcher, the easiness in using IIS can be traced in Google's findings. According to the news published by Computerworld on June 5, 2007, Security Research Firm Argeniss CEO, Cesar Cerrudo said through an instant message that as compared to Apache Web Server it is quite easy to handle IIS Web Server and also added that unskilled people install Windows and sets a Web Server combined with a weak configuration.
Google's research report has also come up with a point that the server of malware differs from area to area. For instance, a large number of deadly sites run on IIS in China and South Korea. Also, in Germany, US, Russia, the dominating malware server is Apache.
According to the news published by Computerworld on June 5, 2007 Cerrudo confirms that 70,000 domains were examined but asks about the 5,000 domains, which are in the same Web server in China. He added that a lot of information is still left to arrive at any conclusion.
Related article: Microsoft Patches Live OneCare to Tackle Quarantined E-Mails
» SPAMfighter News - 19-06-2007