Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Major Internet Attack Under Way: Page 4 of 5

Microsoft and Symantec say these sites are being hit with a malicious application known as Download_Ject.

At 3 a.m. Friday, Microsoft issued a statement saying that "early indications suggest" that unpatched IIS 5.0 Servers are the systems targeted in the attack. Microsoft said the servers have not been updated with the patch included in Microsoft security bulletin April MS04-011. "Customers should ensure they have installed MS04-011 to help secure against the issues corrected by that security update," the company said.

Microsoft is also urging its customers to download and install the IE patch included with Microsoft Security Bulletin MS04-013 and that they "utilize high security settings" in Internet Explorer.

To help defend against the attack, Microsoft is urging consumers to read http://www.microsoft.com/security/incident/settings.asp.

It's also asking its business customers to read http://support.microsoft.com/default.aspx?scid=kb;en-us;833633 to "minimize risk." Microsoft corporate customers that have deployed XP SP2 RC2 are not at risk to the attack, the company said.