also @ TechSpot: Razer brings the arcade experience home with the Atrox Arcade Stick

Windows WMF 0-day exploit in the wild

By

On December 28, 2005, 12:12 PM

Update: Microsoft has now issued a security advisory on the WMF vulnerability.

There's a new zero-day vulnerability related to Windows' image rendering - namely WMF files (Windows Metafiles). Trojan downloaders, available from unionseek[DOT]com, have been actively exploiting this vulnerability. Right now, fully patched Windows XP SP2 machines machines are vulnerable, with no known patch.

F-Secure has some information on this as does The Internet Storm Center Note that if you have the Google toolbar installed it is enough to download the file with an "inactive" client (i.e. one that by default does not execute what you download) like wget or similar because the Google toolbar will index the infected file anyway!

It is not mentioned if other operating systems like Windows 2000 or 98 are also vulnerable.

No tags on this story

30 comments

User Comments: 30

Got something to say? Post a comment
  1. December 29, 2005 4:28 AM
    Mictlantecuhtli said:
    Yes, that was just for my Windows.
    Reply
  2. December 29, 2005 4:41 AM
    realblackstuff said:
    Guess it won't be long now, before RSS-feeds will also automatically infect you!Time to subscribe to a real newspaper again.
    Reply
  3. December 29, 2005 7:15 AM
    spike said:
    lol@RBS. Somehow surreal, but with a large amount of truth.
    Reply
  4. December 29, 2005 2:13 PM
    luismigilbert said:
    i use a great antivirus, up to date.. microsoft antispyware.. no problems at all...performance is affected... but that's it...
    Reply
  5. December 30, 2005 5:00 AM
    Craftos said:
    I've been hit with that bug right that day. I use Firefox all day but had bad luck with opening one page with IE.In a few seconds I had 4 trojans installed, including Spy Sheriff (sic!)
    Reply

Recently commented stories

Comments page: 1 2

Post a new comment

Social Login & Guest Posting TechSpot Members
Login here or sign up for free,
it takes about a minute.
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.
TechSpot on:

Most Popular

Trending Featured
More Trending Topics

Featured on Cases

Downloads and Drivers

Downloads   Drivers  

J. River Media Center 18.0.187

ComicRack 0.9.169

Ashampoo UnInstaller 5.03

Files Terminator Free 2.5.0.11

Advanced Host Monitor 9.50

More Downloads

Latest Discussion

Bitdefender 5 replies on Software Apps

Unacceptably high disk usage/performance lag Windows 8 43 replies on Windows OS

How did my Windows key become disabled? 8 replies on Other Hardware

Vertex shader 1.1 and Pixel Shader 1.1 30 replies on Audio and Video

No monitor signal 62 replies on Audio and Video

More Recent Discussion

Subscribe to TechSpot

Get free exclusive content, learn about new features and breaking tech news.