Security Protection - Harry Waldron (CS)

Security Best Practices, Breaking News, & Updates

MS06-025 & Excel HLINK Exploits released to public

FrSIRT noted developments for MS06-025 and revised their status from "Green" to "Yellow" overnight. The MS06-025 exploit impacts Windows 2000 users but not XP SP2 users. Hopefully, there won't be the in-the-wild attacks they are anticipating now that the exploit code has been publicly released.

Everyone should be on the latest security patches and continue to avoid untrusted Excel documents until Microsoft patches these vulnerabilities.

Microsoft Windows Exploits Out - FrSIRT CTL™ Raised to Level 2
http://www.frsirt.com/english/threats/

Microsoft Windows Routing and Remote Access Code Execution Issues (MS06-025)
http://www.frsirt.com/english/advisories/2006/2323

Quote: Two remote code execution exploits that take advantage of vulnerabilities affecting Windows have been publicly released.

The first code targets a critical Windows Remote Access Connection Manager vulnerability (MS06-025) addressed last week. Microsoft Windows 2000 systems are primarily at risk from this exploit.

The second code exploits the recently disclosed Windows / Excel memory corruption (0day) and opens a command shell on port 4444 when a specially crafted link is clicked.

FrSIRT Current Threat Level has been raised to ELEVATED (Level 2/4) ... We should expect to see active exploitation of these vulnerabilities in the wild within a few hours.

Published: 2006.06.22 - 11:12:55 UTC