New security Risk

  J B 17:00 28 Dec 05
Locked

The Sunbelt Software Blog has details on a new security exploit that blows by fully patched Windows XP systems:

Any application that automatically displays a WMF image will cause the user’s machines to get infected. This includes older versions of Firefox, current versions of Opera, Outlook and all current version of Internet Explorer on all versions of Windows.

This is a zero-day exploit, the kind that give security researchers cold chills. It works by exploiting a weakness in the Windows engine that views graphics in the Windows Metafile (WMF) format. You can get infected by simply viewing an infected WMF image.

Another report from F-Secure says so far it’s being exploited by a handful of sites in Russia, but it will spread. You’re most likely to get directed to one of these sites via a spam message offering dirty pictures, free software, and other forms of bait.

I expect that all major antivirus companies will have detection and prevention for this by the end of the day. I don’t know of any workarounds, but will update this post if I hear any more. For now, use the most recent version of Firefox rather than any other browser and steer well clear of unknown/untrusted sites. I copied this from click here dated 28/12/05. Thought it would be of some interest. J.B.

  sjbell 17:05 28 Dec 05

This is the same risk I reported earlier. See my post (click here) for further details. Can never have too many warnings though!

  J B 20:07 28 Dec 05

I shall defer to "sjbell". He posted three minutes before me. Though this was a double post, nothing was on the forum when I looked. J.B.

This thread is now locked and can not be replied to.

Best phone camera 2016/2017: Galaxy S7 vs iPhone 7 vs Google Pixel vs HTC 10 Evo vs OnePlus 3T vs…

1995-2015: How technology has changed the world in 20 years

These are the Best Christmas Ads and Studio Projects of 2016

Super Mario Run preview | Hands-on first impressions of Super Mario Run: Mario's iPhone & iPad…