FYI...
- https://forums2.symantec.com/t5/blog.../article-id/13
03-24-2009 - "... simply visiting your favorite website can either lead to malware silently being installed on your computer without ever clicking on anything, or being plagued by misleading applications, such as fake antivirus software, seems to be a surprise to many users and IT managers alike... Our recently published Web-based attacks white paper* highlights some of the top Web threat trends that our security analysts observed during 2008... When your system is compromised, there is usually no indication—it happens silently without flashing lights or having to click on anything. All it takes is one vulnerable browser, multimedia application, document viewer, or browser plug-in and your computer can be compromised. I spoke with one user who couldn’t believe that one of the top 100 sites on the Internet would be attacking his computer. There was another customer whose own Web server kept attacking and infecting his computer... Web-based attacks are occurring everywhere and users’ computers are being attacked and infected in enterprise and consumer environments alike..."
* http://www.symantec.com/business/the...d=threatreport
Web Based Attacks: February, 2009 - "...
Top Web Threat Trends for 2008
1. Drive-by downloads from mainstream Web site are increasing
2. Attacks are heavily obfuscated and dynamically changing making traditional antivirus solutions ineffective
3. Attacks are targeting browser plug-ins instead of only the browser itself
4. Misleading applications infecting users are increasing
5. SQL injection attacks are being used to infect mainstream Web sites
6. Malvertisements are redirecting users to malicious Web sites
7. Explosive growth in unique and targeted malware samples ..."