Just a heads-up to those with shared hosting accounts at GoDaddy, DreamHost, Network Solutions, and other places. There's a new PHP-related exploit going around that makes web sites sources of drive-by trojan/scareware infections. Infects all .php files on the site. Payload installs in IE8 automatically.
Not just WordPress or Joomla but ANY PHP-based site can be hit (on these vulnerable shared hosters). We had a GoDaddy site that was infected, and may very well get reinfected, since GoDaddy hasn't admitted any weakness (but Network solutions actually has, to their shared hosting customers).
http://www.tgdaily.com/security-feature ... ck-attacks
http://www.scmagazineus.com/widespread- ... le/169956/
Fixes at http://blog.sucuri.net/2010/05/lots-of- ... using.html