Windows WMF 0-day exploit in the wild

By on
Update: Microsoft has now issued a security advisory on the WMF vulnerability.

There's a new zero-day vulnerability related to Windows' image rendering - namely WMF files (Windows Metafiles). Trojan downloaders, available from unionseek[DOT]com, have been actively exploiting this vulnerability. Right now, fully patched Windows XP SP2 machines machines are vulnerable, with no known patch.

F-Secure has some information on this as does The Internet Storm Center Note that if you have the Google toolbar installed it is enough to download the file with an "inactive" client (i.e. one that by default does not execute what you download) like wget or similar because the Google toolbar will index the infected file anyway!

It is not mentioned if other operating systems like Windows 2000 or 98 are also vulnerable.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.