Websites carrying news of the Olympic games have been targeted in a new wave of SQL injection attacks. Vulnerabilities in sites including New Delhi Television Limited's NDTV.com have been booby-trapped with exploits designed to install malware onto users' computers. NDTV is syndicating AFP’s Olympic content but has failed to …
"to download malware payloads onto vulnerable Windows PCs"
To be pedantic, technically they're uploading (which is the fundamental reason why terms like 'sideloading' annoy me ... just because an MP3 player is small doesn't mean you can't upload to it).
Also, the word 'vulnerable' is a bit redundant in the context of Windows PCs. :)
It's not true that all PC running Windows are vulnerable. Some of them are switched off.
@ John Leyden ...
Have you ever written any commercially successfull software? If not why bite the hand that feeds?
@ Geoff Mackenzie
Technically, they are not uploading. Browser exploits don't push bits, they cause the browser to download the code, a client side infection mechanism even if it was server side upon which the initial command to do so was injected a la SQL or some other server vulnerability.