Attack malware twice as likely with Microsoft IIS

Web servers running Microsoft’s IIS Web server software are twice as likely to be hosting malware as other site servers, Google has reported.
 
In its research, Google’s newly-formed Anti-Malware team scanned 70,000 domains that were either distributing malware or hosting attack code, according to Google’s Nagendra Modadugu in his Tuesday blog.
 
“This is potentially bad news for the Web hosting industry, as it sheds new light over the complex issues surrounding website security in a hosting environment.  It’s not just the web server application that can be attacked but also the programming of the web site itself which is a platform independent issue commented Geoff Sweeney, CTO with behavioural analysis software specialist, Tier-3.
 
High profile cases such as computer hardware giant ASUStek who recently had their web site compromised, created a situation where visitors the website may have been attacked simply by accessing the site itself.   The integration between attacks originating from popular web sites and desktop based vulnerabilities is particularly concerning given the potential for massive infection rates.

“It shows, once again, that conventional approaches to IT security software are not enough to keep malware and application exploit attacks at bay. If Web hosting companies and major corporate install behavioural analysis software alongside their existing – and conventional – IT security applications, the amount of compromised Web servers and applications would fall through the floor,” he added.