Windows MetaFile Image Exploit Threatens Windows Users
Posted by Chris Leckness on 12/29/05 in The Internet
As I’m sure most of you have heard by now, this is a serious problem. Simply visiting a website with a specially coded .wmf image can infect your PC with a Trojan. Actual damage to the PC seems minimal at this point, but the code has been publicly posted (confirmed, I’ve SEEN the code) and could be mutated into something more malicious quite easily.
According to VirusList, this issue exists if the malicious image has been downloaded or (and more importantly) when it is viewed in Internet Explorer and possibly Firefox (my cross-reference shows Firefox should be safe so long as you don’t choose to open the file). Of course, you probably already know about this issue and I’m not writing to inform you for the first time.
Microsoft doesn’t have a fix out yet, so my advice would of course be prudence in clicking links, but also to download either Opera Internet Browser or Firefox. Opera won’t make you invulnerable, but it will, like Firefox, prompt you before automatically opening the file, so if you see a .wmf, be careful. Previously not freeware (it is now), Opera is a great browser, my personal favorite, featuring tabbed browsing, a built-in RSS feeder, good security, and an overall good layout. Give it a shot to help keep your machine safe for now, and maybe you’ll even like it enough to hang on to.
Also, reports say that setting your IE security level to high can mitigate risks, if you are inclined to stay with IE. Many antivirus companies are releasing updates concerning this vulnerability, so make sure you’re updated.
As always, download Windows Updates as you see them, keep your Antivirus software up to date, run a software or hardware firewall if at all possible, and be careful what you click. Hopefully all of our readers will keep this off their machines. Happy and safe surfing!
Virus info source: CNET News

Luckily I have Trend Corp that covers the problem :)
Darn! I have Trend Micro 2005 and they are the only major AV who has NOT released any scanning or removal tools yet.
The TM security alert site didn’t even mention this threat as of about an hour ago.