In both cases, the vulnerabilities have been exploited to try to redirect surfers to a Web site at www.dota11.cn, which hosts a malicious script that tries to infect users' computers with a virus.
That's the old news.
The funny news--and believe me, I think this is fucking hysterical--is that one of the Web sites clobbered by the SQL injection attack is redmondmag.com, a Web site that is "the independent voice of the Microsoft IT community." It's a pro-Microsoft, look-how-great-we-are "news" site that has been so massively infected that...
...well, if you Google it, Google gives you a "this site may harm your computer" warning.
Many of the infected Web pages are pages about computer security--or, at least, apologies for Microsoft products masquerading as articles on computer security.
I know, I know, the real assholes here are the hackers, but still...goddammit, I can't stop laughing.