We all know that malware is a huge issue, and dirty sites trying to infect your machine are everywhere. Even if you aren't likely to encounter them on an individual basis, with the millions of internet users it is a worldwide issue. Just as interesting as the number of sites that peddle or unintentionally spread malware is what, exactly, the servers spreading the malware are running. It seems that nearly half of sites hosting malware are running Microsoft's IIS. With a massive 49% of malware servers running IIS, it tops Apache when it comes to the server-to-infection ratio.
Why is this important? One of the primary arguments used to defend one product's security over another has been the claim that “If you are a bigger target you're more likely to get attacked”. Granted, that must be true, but in this particular case that argument fails. Worldwide, Apache is the majority HTTP server. According to Google, Apache makes up 66% of the web server market worldwide, with IIS holding only 23%. That means that, despite being a minority player in the server market, IIS has an overwhelming (and alarming) percentage of infected servers.
Is this more a fault of vulnerable software? Or could this be a symptom of something else? In either case, it's very interesting.