Re: I thought commercial sites are safe

Bob wrote:
My question: If I had gone to the site Monday morning and hovered my mouse over the infected ad, would I have gotten this virus? I use Vista32 Home Premium, updated daily, avast! antivirus 5.0 as my security software set to maximum protection with auto update, PC Tools Firewall Plus that I monitor to make sure it is set correct and I always run vista in standard user account (not Admin). Would this computer configuration have protected me?

Surfing the Internet under the context of Standard user does mitigate the chance of being infected, or at the very least, it mitigates the damage the could happen, since it's not running on the context of the Admin account along with UAC being enabled.

A local newspaper was infecting viewers of their web site. The link below is the story about it. (the link is NOT the virus-I do not play tricks)

Star Tribune is a large media company I thought would be credible.

Any site can be compromised credible or not.

Lucky I did not go to the site that day. My small company was infected by it when a co-worker went to the web site on company computer.

Was the user running under the context of the Admin account on XP and using IE? If the user did so, the user had no chance.

I was told that "hovering" over the ad with the mouse infects the computer. My company runs XP Pro boxes. I cannot remember the security software used at work.

To say that you are 100% safe with all the security tools in the world running on the machine is questionable, especially if you participate in the compromise.

The one thing that's to your advantage is you're running on the Internet with Standard user rights, and if you have UAC enabled it helps to mitigate damage.

However, nothing is 100% bullet proof - nothing, and the buck really stops with you in keeping you're machine secure by your habits and actions on the Internet.