Link: http://isc.sans.org/

Updated Story on ISC going Yellow:
Handler's Diary December 28th 2005

previous -

* Update on Windows WMF 0-day (NEW)
Published: 2005-12-28,
Last Updated: 2005-12-28 19:07:59 UTC by Daniel Wesemann (Version: 1)

Update 19:07 UTC: We are moving to Infocon [gloworange]Yellow[/gloworange] for a bit. There has been some debate among the handlers about this step, but considering that a lot of people are on holidays and might otherwise miss the WMF 0-day problem, we have decided to raise the alert level.

The orignal exploit site (unionseek.com) is no longer up. But the exploit is being served from various sites all over by now, see the F-Secure Blog on http://www.f-secure.com/weblog/ for an update on the versions of the exploit found in the wild.
Apologies if someone else already beat me to the punch on the update.


UPDATE... yet again - heh - just a quick blurb as of [gloworange]Update 19:07 UTC[/gloworange]:

Working exploit code is widely available, and has also been published by FRSIRT and the Metasploit Framework.
This obviously coincides with the posts following what I threw up me'ah - the next 12-24 should be fun. Think I'll start drinking now.