[Previous entry: "Satellite surveillance for tax purposes"] [Main Index] [Next entry: "quote of the day"]

01/01/2006 Archived Entry: "Windows WMF exploits spreading"

Windows users, listen up: this new "WMF" vulnerability is seriously bad news. Exploits have been discovered circulating which use it to install keystroke loggers (there go your passwords!) and other spyware. If an infected image arrives as an email attachment, simply viewing it, viewing its folder, or indexing it with Google Desktop will infect your machine. Viewing a web page with one of these images will also infect you. It's bypassing most anti-virus packages, and new exploits are appearing.

Microsoft offers zilch to fix this. The Internet Storm Center has taken the unprecedented (for them) step of publishing an unofficial patch for Windows. F-Secure is recommending that patch too. The ISC page has a good summary of information; be sure to monitor their main page and F-Secure's weblog for the latest news.

Windows 98 users: there's no official word, but ISC reckons that you're vulnerable and that Microsoft will not ever issue a fix for this. It's looking like time to retire those Win98 systems.  —brad