From: "Geo." 

"Mike N."  wrote in message
news:mvjgt2560i78u54pb28d6h6ji8vrevkn7a{at}4ax.com...

>>Have you seen the recent threads on the security lists about web servers
>>being compromised and used by spammers? That's not happening via browser
>>exploit or social engineering. It's PHP worms and Windows worms, fully
>>automated, new version every week.
>
>   I was thinking of client side only with my 90%+ stats.   Servers are a
> whole new ballgame with PHP, SQL injection and XSS.

Ah, definition of worm, no user required to infect a machine. Most client
side infections are trojans. Some of the trojans have worm components which
infect local file shares and such but typically they still require a user
to actually activate the new infection. A true worm spreads with no user
action required.

If we are talking about trojans then I agree with you because the user has
replaced the need for scripting and all the other little tricks.

Geo.

--- BBBS/NT v4.01 Flag-5