Friday, May 18, 2007

Tom's Hardware falls victim to a trojan

E-Week has an article about the popular computer hardware review site Tom's Hardware being hit by a trojan in a banner advert.

From the article it's not clear whether a criminal paid for a banner advert under a legitimate business name, or compromised the advertising server run by an innocent third party who paid for advertising on Tom's Hardware.

But for users it really doesn't matter very much. What is clear is that Tom's Hardware is a very reputable site (one that I personally visit regularly and recommend highly) that apparently did nothing wrong. Yet Windows users who visited the site without having applied the latest patches had their systems compromised (and presumably used for other criminal activity). Apparently a patch for the bug in question was released a month ago.

One thing that has to be noted is that large corporations often don't apply patches immediately. Spending a month testing a patch before deploying it widely is not uncommon in an enterprise environment. The general thinking in an enterprise is that employees are almost always prohibited from visiting porn sites, and often prohibited from using forums and webmail services, and that with these things prohibited the risk of attack is dramatically reduced. Now there is evidence that even the most reputable sites, run by competent sys-admins, can be vulnerable to such an attack.

The rest of this post is on my new blog.