Absolutely. MS08-067 raised the SANS ISC InfoCon to Yellow http://isc.sans.org/infocon.html and that doesn't happen every month. When you look into payload of Win32/Gimmiv.A Trojan the motivation behind the exploitation is very clear.
This vulnerability has been reportedly the weapon of targeted attack during two or three weeks. Juha-Matti Larry Seltzer [EMAIL PROTECTED] kirjoitti: > Oh clearly it's a real threat. It's just not the threat it would have > been a few years ago. > > Larry Seltzer > eWEEK.com Security Center Editor > http://security.eweek.com/ > http://blogs.pcmag.com/securitywatch/ > Contributing Editor, PC Magazine > [EMAIL PROTECTED] > > > -----Original Message----- > From: Paul Ferguson [mailto:[EMAIL PROTECTED] > Sent: Thursday, October 23, 2008 9:43 PM > To: Larry Seltzer > Cc: Juha-Matti Laurio; [email protected] > Subject: Re: [funsec] Microsoft to rush out emergency Windows patch > today > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Thu, Oct 23, 2008 at 6:33 PM, Paul Ferguson <[EMAIL PROTECTED]> > wrote: > > > > > On Thu, Oct 23, 2008 at 6:29 PM, Larry Seltzer > <[EMAIL PROTECTED]> > > wrote: > > > >>>> Default? > >>>>And what might those rulesets be, pray tell? > >> > >> http://support.microsoft.com/default.aspx?scid=fh;ln;xpsp2swhw and a > >> hundred other URLs at Microsoft.com: "By default, Windows Firewall is > >> enabled and blocks unsolicited connections to your computer." > >> > >> That's the default configuration after you install SP2 (or SP3 or > Vista) > >> or when you buy a computer from an OEM with them pre-installed. > >> > > > > We'll see, I guess. :-) > > > > - - ferg > > > > BTW, I guess that if it weren't a _real_ threat, Microsoft would have > just > included it in the normal monthly Patch Tuesday release. > > Savvy? > > - - ferg > > -----BEGIN PGP SIGNATURE----- > Version: PGP Desktop 9.6.3 (Build 3017) > > wj8DBQFJASgwq1pz9mNUZTMRAmGKAJwP4Y2dO7CSJQuU7Ls4ci61uAWXYACfTE6D > 6LtPLIPj9DuXy/PCK6WVfS0= > =ggsj > -----END PGP SIGNATURE----- > > > > -- > "Fergie", a.k.a. Paul Ferguson > Engineering Architecture for the Internet > fergdawgster(at)gmail.com > ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
