Last week, Microsoft responded to reports that some enterprise customers running IIS 5.0, a component of Windows 2000 Server, were being targeted by malicious code, known as Download.Ject (a.k.a. JS.Scob.Trojan, Scob, and JS.Toofeer). Download.Ject is believed to be the work of spammers looking to create a network of compliant PCs that can be used as proxies to spread junk mail.

"We are finding that devices running IIS are possibly being compromised and being used to attempt to infect Internet Explorer users with malicious code," Microsoft said.

Internet service providers and law enforcement, working together with Microsoft, identified the origination point of the attack in Russia, and shut it down on Thursday, June 24, according to Microsoft.

Microsoft advises developers running IIS 5.0 on a Windows XP or XP Embedded based device to make sure they have Security Update MS04-011 applied to their device. The update is available both on the OEM Secure Site and on the Download Center. The company also advises all users of Internet Explorer to be sure that they have installed the latest security updates and to utilize high security settings.

---

Related stories:

• New security patch for Windows XP Embedded
  
• Two new security updates for Windows XP Embedded
  
• Windows XP Service Pack 2 Beta addresses security concerns
  
• Microsoft announces new Service Pack 2 release for Windows XP
  
• Windows XP Embedded, NT Embedded security overview
  
• Microsoft issues Windows XP Embedded patch for Sasser worm