Microsoft IIS sites 'twice as likely' to host malware

Web servers running Microsoft's IIS software are twice as likely to host malware as other site servers, it was claimed this week.

Nagendra Modadugu, of Google's newly-formed Anti-Malware Team, based his claims on an analysis of 70,000 domains that were either distributing malware or hosting attack code.

Geoff Sweeney, chief technology officer at behavioural analysis firm Tier-3, said: "This is potentially bad news for the web hosting industry, as it sheds new light on the complex issues surrounding website security in a hosting environment.

"It is not just the web server application that can be attacked, but the programming of the website itself which is a platform independent issue."

High profile cases such as computer hardware giant ASUStek, which recently had its website compromised, created a situation where visitors to the site may have been attacked simply by accessing the site.

Sweeney warned that the integration of attacks originating from popular sites and desktop-based vulnerabilities is "particularly concerning" given the potential for huge infection rates.

Copyright ©v3.co.uk