Malicious greeting cards now using the VML 0-Day
Overnight, based on some information provided by MessageLabs, we noticed the ecarders have begun using the vml exploit, rather than the trusty, but five month old, MDAC exploit (MS06-014). If they can catch as many victims as they did with a five month old exploit, one wonders how many they will catch with this one.
This is a move we've anticipated all along ... there are simply too many working versions of this exploit available to the public. It's just a matter of time before all the Bad Guys switch to using it.