This cool hacking video
tutorial shows how a hacker could put malware into a webserver and then use it to infect unpatched IE (Internet explorer) browsers to load the exploit code into victim units. The hacking tool will then connect to the IRC channel and await further commands from its 'master'.
This video is courtesy of Ian Wate. Visit his security blog.
The lesson here is to always patch your systems. This attack would not work on systems that are fully patched. Get anti-virus software as an added measure of protection as well.