CERT and MS have posted advisories and patches on a new vulnerability in IIS and Win2K. Particualrly interesting is that it took everyone by surprise (black hats had it first) and they selectively targeted .mil machines. More info on the below URL's. Everyone ready for the latest round of attack mitigation procedures? http://www.msnbc.com/news/886524.asp?0cv=CB10 http://www.cert.org/advisories/CA-2003-09.html http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/ bulletin/ms03-007.asp ========================================================================== Eric Germann CCTec ekgermann@cctec.com Van Wert OH 45801 http://www.cctec.com Ph: 419 968 2640 Fax: 603 825 5893 "The fact that there are actually ways of knowing and characterizing the extent of one’s ignorance, while still remaining ignorant, may ultimately be more interesting and useful to people than Yarkovsky" -- Jon Giorgini of NASA’s Jet Propulsion Laboratory