Overview of the WMF related articles at the ISC
Since this is one of the more complex stories to follow I've made a quick overview of the WMF issues.
The first story on the WMF vulnerability and the initial exploit
http://isc.sans.org/diary.php?storyid=972
The update explaining why we went to yellow the first time around
http://isc.sans.org/diary.php?storyid=975
The story pointing to the Microsoft bulletin
http://isc.sans.org/diary.php?storyid=976
The availability of the first snort sigs
http://isc.sans.org/diary.php?storyid=977
The going back to green article
http://isc.sans.org/diary.php?storyid=978
More WMF signatures
http://isc.sans.org/diary.php?storyid=980
Lotus notes affected
http://isc.sans.org/diary.php?storyid=981
The bandaid post: deregistering not reliable, extension filtering not enough
http://isc.sans.org/diary.php?storyid=982
The free phone number for micrsoft support
http://isc.sans.org/diary.php?storyid=985
Indexing and WMF
http://isc.sans.org/diary.php?storyid=986
Musings on how to protect organisations beyond the trivial
http://isc.sans.org/diary.php?storyid=990
An IM worm found using the WMF stuff
http://isc.sans.org/diary.php?storyid=991
The second exploit, back to yellow, new sigatures and an unoffical patch
http://isc.sans.org/diary.php?storyid=992
The WMF FAQ
http://isc.sans.org/diary.php?storyid=994
2nd generation exploit use in spam
http://isc.sans.org/diary.php?storyid=995
Trustwothy computing
http://isc.sans.org/diary.php?storyid=996
Recommended block list
http://isc.sans.org/diary.php?storyid=997
Status of the anti-virus detection after one day
http://isc.sans.org/diary.php?storyid=998
Updated version of Ilfak Guilfanov's patch
http://isc.sans.org/diary.php?storyid=999
More .wmf woes
http://isc.sans.org/diary.php?storyid=1002
Installing a Patch Silently
http://isc.sans.org/diary.php?storyid=1004
.wmf FAQ Translations
http://isc.sans.org/diary.php?storyid=1005
Checking for .wmf Vulnerabilities
http://isc.sans.org/diary.php?storyid=1006
MS to Release Update on Jan 10
http://isc.sans.org/diary.php?storyid=1009
.MSI installer file for WMF flaw available
http://isc.sans.org/diary.php?storyid=1010
--
Swa Frantzen
The first story on the WMF vulnerability and the initial exploit
http://isc.sans.org/diary.php?storyid=972
The update explaining why we went to yellow the first time around
http://isc.sans.org/diary.php?storyid=975
The story pointing to the Microsoft bulletin
http://isc.sans.org/diary.php?storyid=976
The availability of the first snort sigs
http://isc.sans.org/diary.php?storyid=977
The going back to green article
http://isc.sans.org/diary.php?storyid=978
More WMF signatures
http://isc.sans.org/diary.php?storyid=980
Lotus notes affected
http://isc.sans.org/diary.php?storyid=981
The bandaid post: deregistering not reliable, extension filtering not enough
http://isc.sans.org/diary.php?storyid=982
The free phone number for micrsoft support
http://isc.sans.org/diary.php?storyid=985
Indexing and WMF
http://isc.sans.org/diary.php?storyid=986
Musings on how to protect organisations beyond the trivial
http://isc.sans.org/diary.php?storyid=990
An IM worm found using the WMF stuff
http://isc.sans.org/diary.php?storyid=991
The second exploit, back to yellow, new sigatures and an unoffical patch
http://isc.sans.org/diary.php?storyid=992
The WMF FAQ
http://isc.sans.org/diary.php?storyid=994
2nd generation exploit use in spam
http://isc.sans.org/diary.php?storyid=995
Trustwothy computing
http://isc.sans.org/diary.php?storyid=996
Recommended block list
http://isc.sans.org/diary.php?storyid=997
Status of the anti-virus detection after one day
http://isc.sans.org/diary.php?storyid=998
Updated version of Ilfak Guilfanov's patch
http://isc.sans.org/diary.php?storyid=999
More .wmf woes
http://isc.sans.org/diary.php?storyid=1002
Installing a Patch Silently
http://isc.sans.org/diary.php?storyid=1004
.wmf FAQ Translations
http://isc.sans.org/diary.php?storyid=1005
Checking for .wmf Vulnerabilities
http://isc.sans.org/diary.php?storyid=1006
MS to Release Update on Jan 10
http://isc.sans.org/diary.php?storyid=1009
.MSI installer file for WMF flaw available
http://isc.sans.org/diary.php?storyid=1010
--
Swa Frantzen
Keywords:
0 comment(s)
×
![modal content]()
Diary Archives
Comments