Download.ject was the first noted case in which users of Internet Explorer for Windows could infect their computers with malware (a backdoor and key logger) merely by viewing a web page. It came to prominence during a widespread attack starting June 23, 2004. Infected servers included several financial sites. Security consultants prominently started promoting the use of Opera or Mozilla Firefox instead of IE in the wake of this attack.
Computer criminals placed Download.ject on financial and corporate websites running IIS 5.0 on Windows 2000, breaking in using a known vulnerability. (A patch existed for the vulnerability, but many administrators had not applied it.) The attack was first noticed June 23, although some researchers think it may have been in place as early as June 20.
Both the server and browser flaws had been exploited before this. This attack was notable, however, for combining the two, for having been placed upon popular mainstream websites (although a list of affected sites was not released) and for the network of compromised sites used in the attack reportedly numbering in the thousands, far more than any previous such compromised network.
Although not a sizable attack compared to email worms of the time, the fact that almost all existing installations of IE — 95% of web browsers in use at the time — were vulnerable, and that this was the latest in a series of IE holes leaving the underlying operating system vulnerable, caused a notable wave of concern in the press. Even some business press started advising users to switch to other browsers, despite that the then-prerelease Windows XP SP2 being invulnerable to the attack.