Things just got a little more dangerous again
A couple of days ago, HD Moore (of Metasploit fame) re-released one of his Month of Browser Bugs, this time as a supposedly working code- running exploit. This was released as a Metasploit plugin, which meant that you had to be running the Metasploit framework in order to test the exploit. That's fairly easy, but requires some work and thought.
Tonight, however, someone released a pure HTML version of the same exploit. This means that it just got quite a bit easier for would-be exploiters to use. It still doesn't work properly on our test machines, but it seems like it will with the appropriate tweaking, and when it is "tweaked appropriately", it'll be used for sure.
We're preemptively adding signatures for the variant to SocketShield, just in case.