VML exploit pushes SANS to "yellow alert"

Unlike some color coded organizations, SANS Internet Storm Center doesn't tend to shift their color ratings of prevailing threats very often. But yesterday, the VML exploit pushed ISC up to yellow. Microsoft is hinting they'll be releasing a patch Real Soon Now. WebSense has available a cute video of a live VML attack which results in a Paypal (and everything else, really) keystroke logger getting silently installed. Metasploit now has a working VML exploit module, and for the first time, there's a well-publicized third-party patch available for IE within a day or two of public disclosure.

All in all, a pretty exciting vulnerability. It's not quite the big one -- yet -- but enough to keep us busy.