From: Larry Seltzer (larry@larryseltzer.com)
Date: Mon Jan 09 2006 - 10:56:38 EST
>>Are we seeing, or have seen, any worm-like activity with this
vulnerability? If so, how rampant is it?
Check the anti-virus vendor sites. They can usually be counted on to
overstate the significance of any new attacks, and none of them are
reporting any WMF attacks of any significance.
F-Secure does still have the threat at a level 2
(http://www.f-secure.com/v-descs/pfv-exploit.shtml) and Symantec's Threatcon
is also at 2, but both of these are based on perceived potential for an
attack, not for any actual attacks going on, and both are down from higher
levels since the MS patch was released.
Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blog.ziffdavis.com/seltzer
Contributing Editor, PC Magazine
larryseltzer@ziffdavis.com
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:20 EDT