Apr 11, 2008

Latest Microsoft exploit seen in the wild

Symantec Threatcon Level 2

Published: 2008-04-10,
Last Updated: 2008-04-11 14:01:03 UTC
by Deborah Hale (Version: 1)

It appears that Symantec has raised the Threatcon to Level 2 this afternoon.

www.symantec.com/security_response/threatcon/index.jsp

It seems that their honeypots have sniffed out "In-the-Wild Exploit attempts" targeting the vulnerability identified in MS08-021 which allows remote code execution in GDI if a user opens a specially crafted EMF or WMF image file. Microsoft announced this in their latest super Tuesday release.

www.microsoft.com/technet/security/Bulletin/MS08-021.mspx

If you haven't already patched do so now and don't forget to remind your users not to open image files.