Slashdot Mirror


cPanel Exploit Used to Circulate IE Exploit

miller60 writes "In a dangerous combination of unpatched exploits, hackers have used a previously undiscovered security hole in cPanel to hack the servers of a hosting company and use hundreds of hijacked sites to infect Internet Explorer users with malware using the unpatched VML exploit. cPanel, whose hosting automation software is used by many large hosting companies, has issued a fix. It's a local exploit, meaning the attacker must control a cPanel account on the target hosting provider."

1 of 95 comments

  1. not remote, M$ is weak link as usual. by twitter · Score: 0, Troll
    cPanel does run in Linux. But it's Perl, so it doesn't count.

    As usual, the problem is all M$. The fact that the attacker must have an account to break cPanel is more a mitigating factor than what language cPanel was written in. Now, if you are dumb enough to be administering your site through Windoze, you might have already given away that access by keylogger. There's an endless supply of drive-by hijackings for that OS. A malicious interested party in Redmond might hire someone to conduct just such an attack to make visiting Linux-hosted sites the kiss of death. That would be a lot of work for very little return, as hosting sites will patch, but it just goes to show that security is only as good as your weakest link.

    --

    Friends don't help friends install M$ junk.