Millions exposed to malvertising that hid attack code in banner pixels

From Ars Technica:

Despite targeting only people using IE and unpatched versions of Flash, Stegano is noteworthy for its concealment of exploit code in the pixels of the banner ads. There’s no reason future campaigns—or possibly ongoing ones that have yet to be discovered—couldn’t exploit zero-day vulnerabilities that infected a much larger base of people. Until ad networks get much better at detecting malvertising campaigns, the scourge is likely to continue.

The lesson, again, is that the advertising that is scattered throughout the web should be generally regarded as hostile and that ad blockers aren’t just a privacy tool but a security tool as well.