Condition Yellow

Heads up. The SANS Internet Storm Center has posted a condition yellow because:The Infocon status is now yellow, due to the MSDDS.

Heads up. The SANS Internet Storm Center has posted a condition yellow because:

The Infocon status is now yellow, due to the MSDDS.DLL exploit now available. We moved to Yellow as we feel widespread malicious use of this vulnerability is imminent, and the workarounds shown here provide sufficient countermeasures to be applied quickly. We expect to move back to green by the end of the day or early tomorrow.

Internet Explorer (.Net) 0day msdds.dll Exploit & Patch

Yesterday, FrSIRT (aka K-otik) released a working 0-day exploit against a .Net component with is accessible remotely via Microsoft Internet Explorer.

No patch yet but remediation instructions have been posted by Microsoft. Regrets to IT departments that have to test and deploy this one this weekend!