Windows PC Security - WMF Vulnerability

Come on in and shoot the virtual breeze...
(If you can't see the other forum sections, register and/or sign in!) :]

Windows PC Security - WMF Vulnerability

Postby KCSA_ChickenHead on Tue Jan 03, 2006 4:18 pm

Some of you might have a problem on your PCs. There's a lovely Windows "worm/trojan" that has become a rampant problem on the Internet over the last week. The gist is: when you view a web page or download a file (possibly through your E-mail client), if it contains specifically made WMF (Windows Media File) content, it could exploit a flaw in Microsoft Windows (all versions) that results in malicious code being run on your PC. The targeted effects are varied but usually fall along the lines of installing a virus/worm/trojan onto your PC for it to be exploited at a later date.

As of yet, there is not official Microsoft patch for the vulnerability and most anti-virus software is not capable of protecting against it. Microsoft has recommended a work around; however, several security experts do not believe the work around is enough to protect against the problem. A tool from a third party has been created to deal with this problem and it has been reviewed by the security industry as an acceptable fix until Microsoft issues an official patch.

Unlike most past security problems with PCs, this particular one can not be avoided. It is possible for your computer to become infected under circumstances that would normally be considered "safe". If you E-mail client or Instant Messenger program saves attachments sent to you to your hard drive (as most of those clients do), and if an "infected" attachment is sent to you, when that file is saved to your hard drive you are then at risk. Any of the common tools and applications that index your PC's hard drives for faster file searching/sorting can trigger the payload in the file. The other common means for this infection to occur is if you visit a website that contains one of these media files, seen to be often masquerading as an image. When your browser attempts to view the file, it then triggers the infection. It's that easy. Past methods for avoiding infections - cautious browsing, having an updated AV client, firewalls - none of those are capable of preventing this problem at present without serious degradation of your online capabilities.

Please read the official statement from Microsoft and a more layman's analysis of the problem, including a recommended "fix" (second link), from the links below. As with any security notice, check several sources for corroborating information. Pass this on to friends and family.

Happy and *Safe* computing in the New Year. :)

Microsoft Security Advisory (912840) ... 12840.mspx

Windows WMF Vulnerability News & Updates

Computerworld Articles regarding this problem:
User avatar
Chronic gAMER
Chronic gAMER
Posts: 216
Joined: Wed Oct 20, 2004 11:00 pm

Return to General Lounge

Who is online

Users browsing this forum: No registered users and 18 guests