News Mainstream Web sites spreading back-door infections

If you've been mulling over the idea of ditching IE, this may tip your decision. It seems nowheres safe these days... This from ZDNet:

Surfers visiting trusted Web sites, such as banks and merchants, are falling victim to organized-crime groups that have exploited two Internet Explorer flaws to hide attacking code

Security researchers warned Web surfers on Thursday to be on their guard after uncovering evidence that widespread Web server compromises have turned corporate home pages into points of digital infection.

The researchers believe that online organised crime groups are breaking into Web servers, surreptitiously inserting code that takes advantage of two flaws in Internet Explorer that Microsoft has not yet fixed. Those flaws allow the Web server to install a program that takes control of the user's computer.

The extent of the attacks is unknown, but the security community has seen numerous cases of personal computers infected when the user merely visits a Web site.

"It is not epidemic, but it is being seen," said Alfred Huger, senior director of engineering for security firm Symantec. "Do we think it is serious? Yeah. It's a concern and it's insidious."

More here, and over at elReg

Scary stuff... Well, Scary for IE users. I'm safe on Safari.