For several weeks starting in early August, visitors to MySpace, Photobucket, Bebo and other high-traffic Web sites were exposed to banner ads that contained Trojan horse software that could wreak havoc on a computer.
Web security company ScanSafe tracked the malicious ads back to Yahoo's Right Media network and estimates that they ran several million times, according to The Washington Post's Security Fix news site.
"All a visitor to one of these sites needed to do to infect their machines was to browse a page that featured the ads with a version of Internet Explorer that was not equipped with the latest security updates from Microsoft," the story says.
A Right Media spokesperson said: "We became aware of a Trojan ad introduced into the Right Media Exchange by a member network. The ad has been identified as a high risk creative and banned from the exchange. However, we cannot control what happens elsewhere on the Net. We continue to enhance our protective tools and are committed to finding ways of keeping this type of activity away from consumers and publishers."
The ads used Macromedia Flash files to exploit a hole in Microsoft's Internet Explorer browser that was patched in February.