Attackers are once again injecting malicious IFRAMEs into Web pages in an effort to exploit weaknesses in ActiveX controls.
McAfee said the exploit attempts to attack Windows systems that don't have Microsoft's MS06-014 patch installed, as well as ActiveX controls for RealPlayer, Baofang Storm, Xunlei Thunder DapPlayer, and Ourgame GL World Globalink Chat. Microsoft's patch corrects a serious problem in Microsoft Data Access Components (MDAC), which could allow the execution of arbitrary code.
The attack uses a cascading effect in which Web pages are loaded into the IFRAME in succession and eventually an executable file is launched. McAfee estimates that so far over 10,000 sites have become portals of this particular attack.