WMF - Microsofts bleeding Achilles Heel

Malicious software that exploits an unpatched vulnerability in Windows is now the most widely reported threat onlone, though it doesn't appear to be widely infecting corporate customers, according to McAfee.

In late December, hackers posted code that took advantage of the way Windows processes graphics files in the WMF (Windows Metafile) format, and that software is now being distributed in easy-to-use tools for creating malicious software that can be used to take over an unprotected computer, said Craig Schmugar, virus research manager with McAfee.

Although most security vendors, including McAfee, already protect their customers from this malicious software, an undetermined number of users are still at risk. WMF is the format used for clip-art in Microsoft's ubiquitous Office application. Macworld UK - WMF - Microsoft's bleeding Achille's Heel

Linked by shanmuga Wednesday, 4th January 2006 11:28PM