Risk: Medium
It has recently been discovered that some cache servers are holding onto exploit code for two weeks after it's been removed from websites. According to Finjan Software, caching technology used by search engines, ISPs and large organisations can harbour certain kinds of malicious code even after the website that hosted it has been taken down. The company also offered details of how code designed to exploit a number of vulnerabilities in Microsoft products from 2003 and 2004 was able to continue in the public domain due to it hiding in the cache servers of a search engine.
Finjan's CTO, Yuval Ben-Itzhak, said: "This is more than just a theoretical danger. It is possible that storage and caching servers could unintentionally become the largest 'legitimate' storage venue for malicious code. Almost every malicious Web site out there has a copy on a caching server. What our latest report shows is that current processes to remove such malicious content from the Web are simply not going far enough to combat this very serious and growing threat."