Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Lowering infocon back to green

Published: 2010-07-20
Last Updated: 2010-07-20 20:53:54 UTC
by Manuel Humberto Santander Pelaez (Version: 2)
1 comment(s)

According to the arguments presented by Handler Lenny when the Infocon level was increased, we believe that the purpose of increasing the awareness on this vulnerability has been fulfilled, so we are falling back to green level. This does not imply that the threat is over.

If we see a major attack arise using this vulnerability, we will let you know and if it is bad enough we will raise infocon again.

Update: There is an interesting article from Didier Stevens about how to mitigate LNK exploitation with software restriction policies. Read it at

-- Manuel Humberto Santander Peláez | | | msantand at isc dot sans dot org

1 comment(s)
Diary Archives