rogerd - 1:22 am on Apr 15, 2012 (gmt 0)
A blog I admin triggered a "Trojan.Malscript.html" warning when I loaded its home page with Norton running. I immediately checked Google Webmaster Tools and a number of web-scanners like AVG and others. They all gave the site a clean bill of health. It was still causing Norton to go off, so I looked at the source code.
The odd thing was that the files had apparently been modified over a month earlier, and GWT, along with everyone else, didn't catch it. Another machine running TrendMicro let me load the page without objection.
I think this was most likely a server side hack, i.e., via compromised FTP or Wordpress login, vs. some kind of code vulnerability.
So, it's a good idea to keep your eye on file dates and, of course, exercise normal security precautions for logins and passwords. Had it not been for Norton, this might have persisted a lot longer without my knowing it. Checking your files for the base64 code above would disclose an identical exploit, though if the hacker has FTP access any number of nasty things could be done.