IFrame Exploits

Following up on "Halloween sites tricking users with malware" it appears to me the sites mentioned have been hacked and a IFrame has been injected, that if activated infects the visitor with several nasties.

I would advise disabling that option in IE – it is the single most exploited setting!
Internet Options | Security tab | Custom Level button
Scroll down to: Launching programs and files in a IFrame
Select: Disable (IE7 by default is already set to Prompt)

Note: the culprit involved is already listed in my HOSTS file

 



Leave a Reply