New research pours scorn on the comforting but erroneous belief that Windows
surfers who avoid smut and wares on the web are likely to avoid exposure to
malware.
A study by free anti-virus firm Avast found 99 infected legitimate domains
for every infected adult web site. In the UK, Avast found that more infected
domains contained the word "London" (such as the blog section of http://kensington-london-hotels.co.uk)
than the word "sex". Among the domains labelled as infected by Avast was the
smart phones section of the Vodafone UK website. The mobile phone operator's
site contained a malicious JavaScript redirect script that attempted to take
advantage of an unpatched Windows Help and Support Centre flaw (CVE-2010-1885)
to infect the machines of visiting surfers.
