Lowering infocon back to green

Published: 2010-07-20
Last Updated: 2010-07-20 20:53:54 UTC
by Manuel Humberto Santander Pelaez (Version: 2)
1 comment(s)

According to the arguments presented by Handler Lenny when the Infocon level was increased, we believe that the purpose of increasing the awareness on this vulnerability has been fulfilled, so we are falling back to green level. This does not imply that the threat is over.

If we see a major attack arise using this vulnerability, we will let you know and if it is bad enough we will raise infocon again.

Update: There is an interesting article from Didier Stevens about how to mitigate LNK exploitation with software restriction policies. Read it at http://blog.didierstevens.com/2010/07/20/mitigating-lnk-exploitation-with-srp/.

-- Manuel Humberto Santander Peláez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org

1 comment(s)


Microsoft has just updated their Advisory to indicate MS Office, PIF, and Internet Explorer attack vectors. If anything, I'd think that would make things worse....

Diary Archives