Websense Security LabsTM has received reports of new, malicious Web sites which are designed to install Trojan horses. The Web sites are hosted in Korea and Hong Kong. The sites attempt to exploit the Microsoft AdoDB / XML HTTP (MS06-014) vulnerability to download and install a Trojan downloader without end-user interaction.

Users receive an email, written in German, requesting that they visit a Web site to verify their order number. Upon visiting the site, the malicious code is automatically downloaded and run, assuming the user is not patched for the Microsoft vulnerability.

http://www.websense.com/securitylabs/alerts/alert.php?AlertID=751