WMF Security Vulnerability

Microsoft has confirmed the security vulnerability in the Windows Meta File (WMF) which can be used to install any type of malicious code to your computer (mainly Viruses and Trojans). There are many variants of exploit already appearing in the internet. Microsoft is planning to release the patch next week on 10 Jan 2006 but many security experts say that it might me too little too late.

For corporations and individuals who can’t wait until next week there’s an unofficial patch from Ilfak Guilfanov. This is what Internet Storm Center has to say about the patch.

“We have reverse engineered and verified that the installation/uninstallation code in the .msi does what it says it does and nothing more”

Internet Storm Center have detailed explanation on how WMF security vulnerability and the unofficial patch work.

Web security solutions provider Websense is providing more information on WMF infected sites . Infected sites are detected in United States, Russia, Netherlands, the United Kingdom, China, and Japan at this moment.

As for myself I’ve already installed the unofficial patch and can recommend you to do so but you need to understand this is an unofficial patch which Microsoft don’t recommend but I’m simply afraid that it might be too late before they release the official patch. This security vulnerability is too serious to ignore and wait for a week. BTW, Internet Storm Center and Anti-Virus firm F-Secure both have tested and urging the businesses to install unofficial patch.

Be Sociable, Share!
Posted in Security, Technology, Windows

Leave a Reply

Your email address will not be published. Required fields are marked *


Recent Comments

Muhammad Ali on Meeting Buddha Boy: I am really moved by seeing a…(January 16, 2018, 4:43 pm)
LastMarina on How I Prepared and Passed CISSP : I see you don’t monetize your site,…(January 11, 2018, 5:20 pm)
FirstCandace on WinXP and OSX dual boot in MacBook Pro: I have noticed you don’t monetize your…(November 10, 2017, 11:32 pm)
From Wikipedia, the free encyclopedia – Ram Bahadur Bomjon on Buddha Boy attacked and injured a guy with his sword?: […] Niranjan (July 20, 2007). “Buddha Boy…(September 2, 2017, 5:07 pm)
Micle on How I Prepared and Passed CISSP : Nice Aritcle…(August 10, 2017, 8:51 am)