Just how weird, rather hilarious it sounds when an antivirus software became a victim of virus vulnerability. Of course, on the other hand…in a similar incident, we heard that the US National vulnerability database got hacked due to some software vulnerability. How ironic!

On March 13, National Institute of Standards and Technology’s National Vulnerability Database’s (NVD) public-facing website and other services was taken offline due to a malware infection on two web servers. The vulnerability was detected when Gail Porter of NIST’s public inquiries office informed a concerned chief security officer in an email,

“On Friday March 8, a NIST firewall detected suspicious activity and took steps to block unusual traffic from reaching the Internet. NIST began investigating the cause of the unusual activity and the servers were taken offline. Malware was discovered on two NIST Web servers and was then traced to a software vulnerability.

Currently there is no evidence that NVD or any other NIST public pages contained or were used to deliver malware to users of these NIST Web sites.

NIST continually works to maintain the integrity of its IT infrastructure and acts to limit the impact of malware on its systems. We regret the impact this has had on our services. NIST is continuing to respond to the incident and will restore these public-facing servers as quickly as possible.”

No further information has been received from the NIST yet. And I don’t think we need to say anything else here. Huh?

The website is back online, and has been for a few days now, but it’s still not very functional.