Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: Overview of the WMF related articles at the ISC - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Overview of the WMF related articles at the ISC
Since this is one of the more complex stories to follow I've made a quick overview of the WMF issues.

The first story on the WMF vulnerability and the initial exploit
http://isc.sans.org/diary.php?storyid=972

The update explaining why we went to yellow the first time around
http://isc.sans.org/diary.php?storyid=975

The story pointing to the Microsoft bulletin
http://isc.sans.org/diary.php?storyid=976

The availability of the first snort sigs
http://isc.sans.org/diary.php?storyid=977

The going back to green article
http://isc.sans.org/diary.php?storyid=978

More WMF signatures
http://isc.sans.org/diary.php?storyid=980

Lotus notes affected
http://isc.sans.org/diary.php?storyid=981

The bandaid post: deregistering not reliable, extension filtering not enough
http://isc.sans.org/diary.php?storyid=982

The free phone number for micrsoft support
http://isc.sans.org/diary.php?storyid=985

Indexing and WMF
http://isc.sans.org/diary.php?storyid=986

Musings on how to protect organisations beyond the trivial
http://isc.sans.org/diary.php?storyid=990

An IM worm found using the WMF stuff
http://isc.sans.org/diary.php?storyid=991

The second exploit, back to yellow, new sigatures and an unoffical patch
http://isc.sans.org/diary.php?storyid=992

The WMF FAQ
http://isc.sans.org/diary.php?storyid=994

--
Swa Frantzen


Swa

760 Posts

Sign Up for Free or Log In to start participating in the conversation!