InfoSecPodcast.com

Info on IE 0-Day with Snort sig

Unless you are under a rock you have probably heard about the latest hole in Internet Explorer. This one affects the VML component on a fully patched PC. You can be compromised by either a web page viewed in IE or through an HTML email in Outlook. Rather than re-hash all the reviews and analyses, [...]

Continue reading...

Exploits in the wild for recent Microsoft vulnerabilities

Internet Storm Center reports that exploits for MS06-034, MS06-035, and MS06-036 are publicly available. By now you should have them patched anyway….right???? MS06-036 is the one that gives me the shivers since it affects Windows 2000 / XP with the latest service packs and because so many corporate networks use DHCP. It’s marked as [...]

Continue reading...

“0-Day” exploit for PowerPoint, Snort sigs to block .ppt files

Just 3 days after Patch Tueday, Microsoft confirms a new vulnerability in PowerPoint that will could casue complete system compromise. To be clear, this is different than the MS06-028 PowerPoint vulnerability announced on Tuesday. Snort signatures to block PPT files are available on the blog post.

Continue reading...