For end users, keep your endpoints patched antivirus up-to-date. For Symantec users, there is a good article at sharpebusinesssolutions.com/savce_upgrade.htm describing how to keep SAV agents healthy and under support. For admins of affected web sites, a simple clean-up of the page is not sufficient - your site administrator?s credentials need to be changed. There are easy to use tools available for MPack to use to reinfect your sites even after you have manually cleaned them up. These automated tools are being fed lists of compromised site admin usernames and passwords, so make sure that you put a strong password on your site admin account.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/newsbriefs/529/1995#1995