Slashdot Mirror

← Back to Stories (view on slashdot.org)

Asus.com Compromised With Exploit Code

Posted by kdawson on from the be-careful-out-there dept.

Juha-Matti Laurio writes in with news that the Web site of ASUSTeK Computer (asus.com) has been compromised to spread exploit code. The original report from Kaspersky Lab claimed that the compromise lead to code exploiting the recently patched Microsoft Windows Animated Cursor (.ANI) 0-day vulnerability, but sans.org found no evidence of this. Apparently a malicious iframe was added to one of the machines in asus.com's DNS round-robin.

5 of 117 comments (clear)

  1. It's not just the admins. by Anonymous Coward · · Score: 1, Funny

    Yes, the admins are to blame. Even as Windows administrators, they should be advocating the use of Solaris, Linux, AiX, HP-UX, FreeBSD, Mac OS X, or some other non-Windows system. Why is that? Because those are secure, reliable, efficient, high-quality operating systems. If the admins don't advocate the use of such systems, and instead suggest Windows, then they are not performing their job correctly. They should be relieved of their duties.

    But we can't blame just the admins. We also have to blame the network designers and integrators who actually put such systems into place. Again, if any of them recommends the use of Windows, then they are not performing their job correctly. They should be relieved of their duties.

    Furthermore, we also have to blame the management that allows for the purchase and installation of those Windows systems. They should know by now that Windows is not the sort of system that should be used for any purpose whatsover. Again, any manager who in any way authorizes the use of Windows is not performing his or her job correctly. He or she should be relieved of his or her duties.

  2. Re:Advice by lavid · · Score: 2, Funny

    Isn't "installing a laptop" just plugging in the power supply / battery?

    --
    If Bush wants to kill the terrorists, he should jump off a cliff.
  3. Re:Further evidence that ... by plague*star · · Score: 2, Funny
    ... you don't have to visit porn, warez or shady sites to get your computer infected with all sorts of nastiness; "trusted" sites will just do.

    I suspect the actual plan was to infect all the people mis-typing "anus.com"

    P*S

  4. Re:DNS needs improvment... by ez76 · · Score: 4, Funny

    This is intentional and symbolizes the company's value proposition, the Empty Promise (TM).

  5. Re:Advice by Anonymous Coward · · Score: 1, Funny

    Did you check the digital signatures of the drivers that you downloaded?