WMF Security Vulnerability

Microsoft has confirmed the security vulnerability in the Windows Meta File (WMF) which can be used to install any type of malicious code to your computer (mainly Viruses and Trojans). There are many variants of exploit already appearing in the internet. Microsoft is planning to release the patch next week on 10 Jan 2006 but many security experts say that it might me too little too late.

For corporations and individuals who can’t wait until next week there’s an unofficial patch from Ilfak Guilfanov. This is what Internet Storm Center has to say about the patch.

“We have reverse engineered and verified that the installation/uninstallation code in the .msi does what it says it does and nothing more”

Internet Storm Center have detailed explanation on how WMF security vulnerability and the unofficial patch work.

Web security solutions provider Websense is providing more information on WMF infected sites . Infected sites are detected in United States, Russia, Netherlands, the United Kingdom, China, and Japan at this moment.

As for myself I’ve already installed the unofficial patch and can recommend you to do so but you need to understand this is an unofficial patch which Microsoft don’t recommend but I’m simply afraid that it might be too late before they release the official patch. This security vulnerability is too serious to ignore and wait for a week. BTW, Internet Storm Center and Anti-Virus firm F-Secure both have tested and urging the businesses to install unofficial patch.

Be Sociable, Share!
Posted in Security, Technology, Windows

Leave a Reply

Your email address will not be published. Required fields are marked *

*

Recent Comments

DeAnna on Meeting Buddha Boy: Whether he did or didn’t hurt someone…(February 16, 2017, 1:55 am)
http://www./ on iPhone first impression: They are mostly scams. If they require…(November 25, 2016, 10:29 am)
fifa4joy on Donate to my Mo, save a Mo Bro: You’ve gotten impressive knowlwdge these…(November 1, 2016, 11:06 am)
schnellkredit auch hartz 4 on iPhone first impression: Rodger, thanks for the clarification, which now…(October 31, 2016, 12:35 pm)
steamcsgoskin on Meeting Buddha Boy: good!good…(August 5, 2016, 8:10 am)