
Trojan alert over unpatched Windows flaw

By Derek Sooman, TechSpot.com
Published: December 29, 2005, 1:16 PM EST

Malicious hackers have exploited the new Windows Meta File vulnerability to create a range of Trojan programs. The vulnerability, which exists in machines running Microsoft Windows XP with SP1 and SP2, and Microsoft Windows Server 2003, can be exploited by tricking victims into viewing specially constructed sites, especially where IE is used as the browser.

Windows PCs infected by malware from the Trojan-Downloader Agent-ACD family are liable to download further malware programs onto the compromised machine.

Kaspersky advises users not to open untrusted files with a *.wmf extension.


User Comments (9)

Rhianntp
on December 29, 2005
1:39 PM
Precisely the reason why I check Windows Update on a regular basis...

PanicX
on December 29, 2005
2:11 PM
While keeping your computer patched and up to date is a good thing, Microsoft currently has no fix for the WMF exploit. There is a workaround available but it's still possible to be exploited even with the workarounds.
Microsoft Security Advisory

luvhuffer
on December 29, 2005
9:17 PM
The problem with the workaround, to unregister the Shimgvw.dll file, is that you will no longer be able to view thumbnails in Windows Explorer. Another workaround, a registry fix, will offer the same protection but will still allow thumbnails to be viewed.

In the Regedit program go to the key:

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\image\ShellEx\ContextMenuHandlers\ShellImagePreview

Then delete the default value. To re-enable the feature, go to the same key and set the default value as a REG_SZ to "{e84fda7c-1d6a-45f6-b725-cb260c236066}".
The workaround has been confirmed by iDEFENSE as effective in preventing the current versions of the exploit, with a caveat. Previous vulnerabilities in the parsing of WMF files have led to additional vulnerabilities in EMF files, a later version of the metafile format. iDEFENSE warns that this workaround may not be effective against such future attacks. You can read more here.

http://www.eweek.com/article2/0,1895,1906211,00.asp?kc=ewnws122905dtx1k0000599


MonkeyMan
on December 30, 2005
9:26 AM
Well, I am currently using Avant Browser, not the Internet Explorer browser, way too many bugs. Also, it seems like with every update, there always has to be another trojan or virus or something made by a hacker. Microsoft has to always be up to date on these things lol. Man, I'm too sexy for my shirt, too sexy for my shoes, too sexy for my pants, too sexy for my belt, too sexy for my mom, too sexy for girlfriend, too sexy for my computer, too sexy for my professor, too sexy for my hat, what do you think about that?

Nodsu
on December 30, 2005
2:30 PM
Avant is IE and it has all the IE bugs. Don't let yourself be fooled by the shiny interface.

mentaljedi
on December 31, 2005
9:15 AM
Firefox has some compatibility issues with a couple of sites, but I prefer it to IE. This is another reason why.

luvhuffer
on December 31, 2005
3:52 PM
An update on this. The registry fix I posted above has proved TO NOT be a viable workaround. That leaves unregistering the .dll file and/or hoping your spyware heuristic analysis is up to the task. 50 variants and counting so far.

nathanskywalker
on December 31, 2005
7:17 PM
Did I just hear another Windows exploit? Surprising...

luismigilbert
on January 2, 2006
9:13 AM
It's funny how often hackers create new viruses... install an AV and antispyware and keep both of them up to date... enable automatic updates from Windows... this helps...
