Be careful with WMF files

There's a new zero day vulnerability related to Windows' image rendering namely WMF files (Windows Metafiles). Trojan downloaders, available from Crackz [dot] ws, unionseek [dot] com, www.tfcco [dot] com, Iframeurl [dot] biz, beehappyy [dot] biz, have been actively exploiting this vulnerability. Right now, fully patched Windows XP SP2 machines machines are vulnerable, with no known patch. You might want to block these sites at your firewall while waiting for a Microsoft patch.

Note that you can get infected if you visit a web site that has an image file containing the exploit. Internet Explorer users might automatically get infected. Firefox users can get infected if they decide to run or download the image file. F-Secure : News from the Lab

Linked by shanmuga Wednesday, 28th December 2005 8:58PM