ThreatCon
The ThreatCon is currently at Level 2: Elevated.
Microsoft has released a new security advisory to address vulnerabilities affecting Internet Explorer browsers. The advisory has been released in response to a report published by CORE (CORE-2009-0625), which disclosed two remote file-access vulnerabilities affecting the browser. The issues can be exploited by a remote website to obtain file contents or to render script contained in a target file in the Security Zone that is assigned to the target file's source. The vulnerability is trivially exploitable and is likely to be exploited in the wild.
Details for exploitation of these issues is public. Customers are advised to read the following Microsoft Security advisory as soon as possible for workaround information.
Microsoft Security Advisory (980088)
Vulnerability in Internet Explorer Could Allow Information Disclosure
http://www.microsoft.com/technet/security/advisory/980088.mspx
Microsoft Internet Explorer URLMON Sniffing Cross Domain Information Disclosure Vulnerability
http://www.securityfocus.com/bid/38056
Symantec ThreatCon Rating
The Symantec ThreatCon rating is a measurement of the global threat exposure, delivered as part of Symantec DeepSight Threat Management System.
ThreatCon Level 2
Medium : Increased alertness
This condition applies when knowledge or the expectation of attack activity is present, without specific events occurring or when malicious code reaches a moderate risk rating. Under this condition, a careful examination of vulnerable and exposed systems is appropriate, security applications should be updated with new signatures and/or rules as soon as they become available and careful monitoring of logs is recommended. Changes to the security infrastructure are not required.
View ThreatCon Definitions
Symantec DeepSight Threat Management System tracks security events on a global basis, providing early warning of active attacks. With personalized notification triggers and expert analysis, the system enables enterprises to prioritize IT resources in order to better protect critical information assets against a potential attack. To track security threats, it continuously correlates IDS and firewall attack data from the security systems of over 20,000 partners in over 180 countries, plus virus statistics from the Symantec Digital Immune System and many other human intelligence resources. Experts at Symantec analyze the information to identify active attacks and deliver advanced warning with actionable analyses and countermeasures.
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine
