Post: IIS SQL Injection Vulnerability??

Anonymous Hero

In Web infection attacks more than 100,000 pages

Paris Hilton

"The rogue URL horns its way onto web pages through a SQL injection vulnerability in IIS and possibly other web servers, according to IT-related web forums."

Um...now, now.. let's not start another IIS blamefest here, if you'd bothered to read more widely you'll find that the attack vector is badly written user script that doesn't bother with any sort of input hygiene before passing off to SQL.

And rightly as mentioned here:

http://isc.sans.org/diary.html?storyid=3823

We'll probably start seeing this infection breeding on LAMP stacks pretty soon.

Any script on any server that blindly trusts input and passes it back to SQL, MySQL, Oracle, whatever is going to get dirty sooner or later, not just stuff running on the MS stack.

Paris, because I bet even she's got better hygiene standards than the script monkeys who cobbled together the affected sites.
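
The point made in the comment above, shown as an added example that is not part of the original post: the flaw sits in the script that builds the query, whatever web server or database is underneath. The table, function names and input values are constructed for illustration, and SQLite is used only so the example runs offline.

```python
import sqlite3

def make_db():
    """Constructed sample data: a tiny in-memory 'articles' table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE articles (id INTEGER PRIMARY KEY, title TEXT)")
    db.executemany("INSERT INTO articles VALUES (?, ?)",
                   [(1, "Welcome"), (2, "News"), (3, "Contact")])
    return db

def titles(db):
    return [row[0] for row in db.execute("SELECT title FROM articles ORDER BY id")]

def rename_unsafe(db, article_id, new_title):
    # Vulnerable pattern: request values are pasted into the SQL text,
    # so the database parses them as part of the statement.
    sql = "UPDATE articles SET title = '%s' WHERE id = %s" % (new_title, article_id)
    return db.execute(sql).rowcount

def rename_safe(db, article_id, new_title):
    # Validate the type first (raises ValueError on anything non-numeric),
    # then bind both values as parameters so they are only ever data.
    article_id = int(article_id)
    cur = db.execute("UPDATE articles SET title = ? WHERE id = ?",
                     (new_title, article_id))
    return cur.rowcount

if __name__ == "__main__":
    hostile_id = "1 OR 1=1"   # constructed input, not taken from the attack
    db = make_db()
    print("unsafe rows changed:", rename_unsafe(db, hostile_id, "x"), titles(db))
    db = make_db()
    try:
        rename_safe(db, hostile_id, "x")
    except ValueError as exc:
        print("safe version rejected input:", exc)
    print("safe rows changed:", rename_safe(db, "2", "O'Reilly"), titles(db))
```

The same two functions behave the same way against any SQL backend with a parameter-binding API; only the placeholder syntax differs between drivers.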