Microsoft News Tracker

What's more interesting than observing Microsoft?

December 28, 2005

Zero day, drive-by Windows security exploits end the year with a bang

Posted by David Hunter at 5:10 PM ET.

(Via Ed Bott) A flaw in the way WMF files (Windows Metafiles) are processed by Windows means that even fully patched versions of (at least) Windows XP and Windows Server 2003 are wide open to attack from exploits currently circulating on the Web that drop and run previously known Trojan Horse programs. Exploits using this flaw are “zero day” since there was no advance warning and “drive-by” in that merely browsing a website or opening email with a malicious WMF file will infect a system.

F-Secure has more and notes that, paradoxically, the Firefox browser version 1.5 is safe because it has an apparent bug in how WMF files are handled. There’s more from F-Secure here, and possible workarounds are discussed in Juan Carlos Perez’s article at InfoWorld, which also contains this observation:

However, the number of attacks could increase dramatically if malicious hackers find more automated ways to target systems, such as using e-mail, instant messages or file sharing, according to Ken Dunham, director of the rapid response team at VeriSign Inc.’s iDefense.

Attacks so far have been limited to installation of adware and spyware on compromised machines, but “you’re probably going to see Trojans and more sinister code develop and emerge in the next few days,” Dunham said in an interview.

Microsoft is investigating.

Filed under Security, Trojan Horses


One Response to “Zero day, drive-by Windows security exploits end the year with a bang”

  1. Microsoft News Tracker » Windows WMF vulnerability state of play Says:

    [...] Brian Krebs at the Washington Post has a useful review of where things currently stand with the Windows WMF vulnerability (mentioned here last week) and the unofficial patch that is available. In a nutshell, the antique WMF file format (dating back to Windows 3.0) has left Windows wide open and while knowledgeable folks are waiting with trepidation to see which of the lowlifes walks in first, some have taken matters into their own hands to formulate a defense. Krebs: I have to say I’m surprised that Microsoft has not yet issued an official fix for this. My guess is that if they wait until a week from Tuesday to ship an update, it will cost them dearly in terms of current and potential future customers. [...]
