IT news has recently talked about how the Opera House and Sydney’s Museum of Contemporary Art websites were both compromised and how these sites were then trying to download malware programs onto readers computers. However I’ve not seen it mentioned anywhere that both of these high profile sites were running Windows server 2003 at the time. (see here and here.)
If these sites were compromised because they were not up to date with all current patches, then we simply cannot just blame the hackers/crackers for the problem. History has shown us time and time again that an unpatched Windows server will be hacked before long. That goes for any server OS really, but Windows especially.
I’ve been looking at stopbadware.org to see if they had some method of determining which sites were running Windows server, or at least some method of searching by country so I could write a script to do it myself but thus far I’ve been unsuccessful. If that changes I’ll be sure to let you all know.
