Symantec is reporting on what might possibly be yet another unpatched vulnerability being exploited by the bad guys out there. It seems to be used in targeted attacks. We're seeking samples, confirmation, CVE name etc. at this point.
Even though it appears there might be little gain in once again trying to convince people not to email office documents, not to open them, etc. some renewed attention might be required.
If five unpatched vulnerabilities is the risk level you need before being allowed to act and start to filter, you might have your "go" at this point. The oldest of the 5 vulnerabilities is publicly known since December 5th, 2006.
Let's hope at least some of them get patched in February's Black Tuesday patches.
Swa Frantzen -- net2s.com
Jan 31st 2007
1 decade ago