Register gets hit by Bofra IFRAME flaw

If the following applies to you:

  • You have Internet Explorer 6
  • You don’t use Windows XP, or you haven’t installed XP Service Pack 2
  • You visited The Register between 6am and 12:30pm GMT on Saturday morning

then you may have been infected with the Bofra worm. This worm spreads through a flaw in Internet Explorer, which so far has only been fixed for users of Windows XP SP2. Users who have yet to install SP2, or who use IE on another version of Windows, may well have been infected with Bofra.
I would urge you to run a virus scanner to make sure you were not infected. According to the official explanation from El Reg, the offending adverts were provided by a third-party advertising company, with which El Reg has suspended dealings for the time being.
The fact that this is a third-party company makes this more worrying as other sites may well be affected too. I urge you not to use IE and instead use a browser like Mozilla Firefox or Opera for the time being.
Update: Falk, the company concerned, has issued a statement. It appears that one of their load balancers was hacked.


  1. had been mentioning it in the diary the past couple of days, but I’d never taken the time to find out what major site it was.
    They’re recommending using Firefox (as always) but also to check what advertisements you are running on your websites, as the chances are it will have affected many other sites as well.
    There are currently 18 unpatched vulnerabilities in IE6; hopefully at least some of those will be fixed in the December 14th update from Microsoft.

  2. Yet another good reason not to use IE. Sweet! 🙂

  3. Thanks for mentioning Opera in the same breath as Firefox, stops this particular Opera evangelist from complaining!
    “There are currently 18 unpatched vulnerabilities in IE6…”
    18 known vulnerabilities in IE6, probably loads more that aren’t known about yet. Gak.