GDIの脆弱性を利用した攻撃でSymantecがイエロー（Level2）になっているそうです。

The ThreatCon is currently at Level 2: Elevated.
The ThreatCon is currently at Level 2. The DeepSight honeynet has observed in-the-wild exploit attempts targeting a GDI vulnerability patched by Microsoft on April 8, 2008. The malicious image appears to target the Microsoft Windows GDI Stack Overflow Vulnerability (BID 28570). At least three different sites are hosting the images; two different malicious binaries are associated with the attacks.