Threat Level: green Handler on Duty: Pedro Bueno

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Overview of the WMF related articles at the ISC

Published: 2006-01-02
Last Updated: 2006-01-03 16:28:03 UTC
by Tom Liston (Version: 6)
0 comment(s)
Since this is one of the more complex stories to follow I've made a quick overview of the WMF issues.

The first story on the WMF vulnerability and the initial exploit
http://isc.sans.org/diary.php?storyid=972

The update explaining why we went to yellow the first time around
http://isc.sans.org/diary.php?storyid=975

The story pointing to the Microsoft bulletin
http://isc.sans.org/diary.php?storyid=976

The availability of the first snort sigs
http://isc.sans.org/diary.php?storyid=977

The going back to green article
http://isc.sans.org/diary.php?storyid=978

More WMF signatures
http://isc.sans.org/diary.php?storyid=980

Lotus notes affected
http://isc.sans.org/diary.php?storyid=981

The bandaid post: deregistering not reliable, extension filtering not enough
http://isc.sans.org/diary.php?storyid=982

The free phone number for micrsoft support
http://isc.sans.org/diary.php?storyid=985

Indexing and WMF
http://isc.sans.org/diary.php?storyid=986

Musings on how to protect organisations beyond the trivial
http://isc.sans.org/diary.php?storyid=990

An IM worm found using the WMF stuff
http://isc.sans.org/diary.php?storyid=991

The second exploit, back to yellow, new sigatures and an unoffical patch
http://isc.sans.org/diary.php?storyid=992

The WMF FAQ
http://isc.sans.org/diary.php?storyid=994

2nd generation exploit use in spam
http://isc.sans.org/diary.php?storyid=995

Trustwothy computing
http://isc.sans.org/diary.php?storyid=996

Recommended block list
http://isc.sans.org/diary.php?storyid=997

Status of the anti-virus detection after one day
http://isc.sans.org/diary.php?storyid=998

Updated version of Ilfak Guilfanov's patch
http://isc.sans.org/diary.php?storyid=999

More .wmf woes
http://isc.sans.org/diary.php?storyid=1002

Installing a Patch Silently
http://isc.sans.org/diary.php?storyid=1004

.wmf FAQ Translations
http://isc.sans.org/diary.php?storyid=1005

Checking for .wmf Vulnerabilities
http://isc.sans.org/diary.php?storyid=1006

MS to Release Update on Jan 10
http://isc.sans.org/diary.php?storyid=1009

.MSI installer file for WMF flaw available
http://isc.sans.org/diary.php?storyid=1010

--
Swa Frantzen


Keywords:
0 comment(s)
Diary Archives