I am sure most of you by now know there is an LKM (Loadable Kernel Module) exploit that is nasty and hard as heck to clean.
While I run Windows I keep up with all web server security. As an admin I couldn't afford not to.
Read this thread at Webhosting Talk. Make sure you read it through, as there is a user there who has investigated several boxes.
The original story first broke a week or so ago, "Mass web infection leaves researcher scratching her head" (The Register), and then again a couple of days ago, "Mystery web infection grows, but cause remains elusive" (Channel Register).
Now it seems this problem is not easily fixable yet it is very easy for your server to be infected if you are targeted.
Here is where Windows comes into this. The injected JavaScript looks for exploits, some already patched and one that is new. If you run any of the vulnerable software on your home computer you could be exploited and not even know it.
The vulnerabilities lie in:
Code:
- MSIE ADODB
- VML
- MSIE WebViewFolderIcon
- MSIE RealPlayer
- QuickTime
- AOL Superbuddy
The first 4 are directly related to IE and were patched a while ago. Although patched, some people don't keep up so they'll get infected.
I'm not familiar with AOL Buddy so I don't know if it is patched.
The QuickTime exploit is new as of Jan. 10th and affects the QuickTime Updater.
In conclusion, if you have a server, check the sites on it for inclusion of random JavaScript. Read the article or thread at WHT so you'll know what to look for. If you're on a shared host, make sure your site isn't serving the JS.
For people using IE (I'm not sure if Firefox will make you vulnerable, and from what I've read no one knows), make sure you either shut off JavaScript or make sure all exploits are fixed. Uninstall QuickTime Updater if you have it installed and make sure QuickTime is patched with the patch from a couple of months ago.
Hope no one here or their host is exploited.


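One way to act on the advice to check what a site is serving, as an added example that is not part of the original post: it compares the script elements in a served page against those in the on-disk source file and reports any that exist only in the served copy. The sample HTML and the script name /xkqtd.js are constructed, and the check assumes a static page whose source file you can read.

```python
from html.parser import HTMLParser


class ScriptCollector(HTMLParser):
    """Collect every <script> element as a (src, inline_body) tuple."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.scripts = []
        self._in_script = False
        self._src = None
        self._body = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self._in_script = True
            self._src = dict(attrs).get("src")
            self._body = []

    def handle_data(self, data):
        if self._in_script:
            self._body.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._in_script:
            # Normalise whitespace so reformatting alone is not flagged.
            body = " ".join("".join(self._body).split())
            self.scripts.append((self._src, body))
            self._in_script = False


def scripts_in(html):
    parser = ScriptCollector()
    parser.feed(html)
    parser.close()
    return parser.scripts


def unexpected_scripts(on_disk_html, served_html):
    """Scripts present in the served page but absent from the source file."""
    known = set(scripts_in(on_disk_html))
    return [s for s in scripts_in(served_html) if s not in known]


# Constructed sample data: the source file and what a client received.
ON_DISK = ('<html><head><script src="/js/site.js"></script></head>'
           '<body><script>var page = "home";</script><p>Hi</p></body></html>')
SERVED = ('<html><head><script src="/js/site.js"></script></head><body>'
          '<script src="/xkqtd.js"></script>'  # constructed injected tag
          '<script>var  page = "home";</script><p>Hi</p></body></html>')

if __name__ == "__main__":
    for src, body in unexpected_scripts(ON_DISK, SERVED):
        print("unexpected script:", src or body[:60])
```

Fetch the served copy several times and from outside the server before comparing, since a single clean response does not show that every response is clean.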