[Dshield] Risk factors SANS ISC "Exploits Available For MS04-11 Vulns"

Tom Liston tliston at premmag.com
Fri Apr 16 14:18:33 GMT 2004

The diary doesn't say that there is current, active use of the exploits.  
The diary says that there are exploits "out there", and thus patching has 
become extremely urgent.  The race is on folks... it's not a matter of 
"if" now, but "when."

I see this sort of response every time we try to give people forewarning 
about potential issues: "But I don't see any rise in attacks..."  Of 
course you don't; that's why it's called "forewarning."


On 16 Apr 2004 at 8:24, Harris, Michael C. wrote:

> Is any one actually seeing an increase in scanning or exploit traffic to
> match the ISC handlers noted vulnerability?  I am not seeing increased
> scanning locally in fact both 445 and 139 are down just over 10% for the
> same hourly periods last couple days. Prudent to patch as we all know, but
> has anyone in the trenches seen a propagating worm in the wild yet or scans
> by more manual exploit kits? 
> The original release can be found here
> http://www.incidents.org/diary.php?date=2004-04-15&isc=9be81a8fd3277648a
> aa0134e6e335420
> _______________________________________________
> list mailing list
> list at lists.dshield.org
> To change your subscription options (or unsubscribe), see:
> http://www.dshield.org/mailman/listinfo/list

More information about the list mailing list