Two comments to threat meters: 1) ISS's AlertCon is at level 2/4 (Increased vigilance) now: https://gtoc.iss.net/issEn/delivery/gtoc/index.jsp listing "in response to the critical issue disclosed within Microsoft Security Bulletin MS06-019 ? part of Microsoft`s May release." 2) McAfee's Global Threat Condition is at level 3/4 (Severe) now: http://www.mcafee.com/us/threat_center/default.asp#legend-learnmore listing "a raised risk of exploitation on Microsoft Windows and Microsoft Exchange hosts." - Juha-Matti
All, I have read the Microsoft advisory and the alarm bells started to whistle ;) As fas a I can read this open the door to fully self propagating email worms with whatever payload you desire. Yet, sans.org, symantec and us-cert.gov still have their threat levels on 1. What am I missing, surely this superseeds the IE7 0-day action (sorry couldn't resist). Schanulleke
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/