Monday, September 25, 2006

Malicious greeting cards now using the VML 0-Day

Hi folks,

Overnight, based on some information provided by MessageLabs, we noticed the ecarders have begun using the vml exploit, rather than the trusty, but five month old, MDAC exploit (MS06-014). If they can catch as many victims as they did with a five month old exploit, one wonders how many they will catch with this one.

This is a move we've anticipated all along ... there are simply too many working versions of this exploit available to the public. It's just a matter of time before all the Bad Guys switch to using it.



Post a Comment

<< Home