This eWeek article is worth a quick read to stay on top of things: http://www.eweek.com/c/a/Security/LizaMoon-Mass-SQL-Injection-Attack-Escalates-Out-of-Control-378108
The article describes what the user sees that allows the malware to be planted on their computer.
“A mass SQL injection attack that initially compromised 28,000 Websites has spiraled out of control. At the last count, more than a million sites have been compromised, with no end in sight.
Security firm Websense has been tracking the “LizaMoon” attack since it started March 29.
Commenters asked Websense why researchers were so convinced it was a SQL injection on multiple Websites and not a mass cross-site-scripting attack. The researchers said they’d been contacted by people who have seen the code in their Microsoft SQL Server 2003 and 2005 databases. The vulnerabilities weren’t within the database software, but “most likely in the Web systems used by these sites, such as outdated CMS and blog systems,” Runald said.”