My next class:
LINUX Incident Response and Threat HuntingOnline | Japan Standard TimeOct 21st - Oct 26th 2024

Back to green, but the exploits are still running wild

Published: 2006-10-02. Last Updated: 2006-10-02 17:30:53 UTC
by Jim Clausing (Version: 1)
0 comment(s)
Folks, as is our policy here at the Internet Storm Center, once we feel we've raised awareness of an issue by raising infocon to yellow, we move it back to green (otherwise, with the constant release of exploits of unpatched vulnerabilities, infocon would stay at a heightened level and become as meaningless as the DHS terrorist threat level).  Normally, we do this after 24 hours, but in this case, since we didn't raise infocon until Saturday, we felt we should wait until most folks had made it back to work on Monday before going back.  That doesn't mean that there is no more risk.  Quite to the contrary, until the vulnerabilities are patched, the risk remains high because we know there are many variants of the exploit in the wild as I type this.  There were even Metasploit modules released over the weekend, so it doesn't take much talent at this point to create a new exploit.  However, we feel that things have leveled off somewhat.  We've published pointers to the workarounds in Saturday's story, so there isn't much more that we can do at this point other than remain vigilant.
Keywords: IE infocon setslice
0 comment(s)
My next class:
LINUX Incident Response and Threat HuntingOnline | Japan Standard TimeOct 21st - Oct 26th 2024

Comments


Diary Archives