The Lazy Genius

Security News & Brain Dumps from Xavier Ashe, a Bit9 Client Partner

SANS Infocon moved to YELLOW

Posted by Xavier Ashe on December 28, 2005

We are moving to Infocon Yellow for a bit. There has been some debate
among the handlers about this step, but considering that a lot of
people are on holidays and might otherwise miss the WMF 0-day problem,
we have decided to raise the alert level.

The folks at Websense Labs have a nice movie on how it looks like if a system gets exploited by this WMF 0-day, see http://www.websensesecuritylabs.com/images/alerts/wmf-movie.wmv
. Don't go to any of the URLs visible in the movie unless you know what
you are doing (or feel like spending the next hours reinstalling your
PC).

The orignal exploit site (unionseek.com) is no longer up.
But the exploit is being served from various sites all over by now, see
the F-Secure Blog on http://www.f-secure.com/weblog/ for an update on the versions of the exploit found in the wild.

From the SANS Internet Storm Center.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: