Windows zero day nightmare exploited
Found on The Inquirer on Wednesday, 28 December 2005
F-Secure, Bugtraq and a number of other security-aware outfits have warned of a zero-day vulnerability that's being actively exploited as we write.
Fully patched Windows XP SP2 machines are vulnerable and there's no known fix as yet.
A number of trojans are being distributed using the vulnerability, related to Windows' image rendering.
F-Secure says you can get blatted if you visit a site with an image file containing the exploit. IE users may automatically be infected. Firefox users can get infected if the image file is downloaded.
There is no solid workaround against emerging WMF exploits. Locking down WMF files on the gateway and building network detection signatures may mitigate known threats. The impact of attacks may also increase.
You can find more details, as well as a temporary solution, at F-Secure. This workaround unregisters the "Windows Picture and Fax Viewer", an application I've never used (at least not knowingly), so I might as well leave it unregistered.
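One way to apply the gateway lock-down mentioned above, as an added example that is not from The Inquirer or F-Secure: the filter recognises WMF by its header bytes instead of trusting the file name. The function names, verdict strings and sample byte strings are constructed for illustration.

```python
import struct

PLACEABLE_MAGIC = b"\xd7\xcd\xc6\x9a"  # optional 22-byte placeable preamble

def is_wmf(data: bytes) -> bool:
    """True if data begins like a Windows Metafile, whatever the file is called."""
    if data[:4] == PLACEABLE_MAGIC:
        return True  # fail closed: the preamble alone marks the file as WMF
    if len(data) < 6:
        return False
    # Standard header: type (1=memory, 2=disk), header size in 16-bit words
    # (always 9), version (0x0100 or 0x0300); all little-endian.
    ftype, hdr_words, version = struct.unpack_from("<HHH", data, 0)
    return ftype in (1, 2) and hdr_words == 9 and version in (0x0100, 0x0300)

def verdict(filename: str, data: bytes) -> tuple:
    """Gateway decision for one transferred file: (action, reason)."""
    if is_wmf(data):
        return ("block", "WMF header in content")
    if filename.lower().endswith(".wmf"):
        return ("block", ".wmf extension")
    return ("pass", "not WMF")

# Constructed samples (headers only, no drawing records).
STANDARD_WMF = struct.pack("<HHHIHIH", 1, 9, 0x0300, 9, 0, 0, 0)
PLACEABLE_WMF = PLACEABLE_MAGIC + bytes(18) + STANDARD_WMF
JPEG_START = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00"

if __name__ == "__main__":
    for name, blob in [("holiday.jpg", STANDARD_WMF),
                       ("logo.gif", PLACEABLE_WMF),
                       ("photo.jpg", JPEG_START),
                       ("chart.wmf", b"")]:
        print(name, verdict(name, blob))
```

The check needs only the first few bytes of a transfer, so it can run before the whole file has been buffered.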