
New Windows Security Vulnerability

A program was published this past week that demonstrates a security vulnerability present in the Windows graphical display interface. More specifically, it is possible to hide programs inside WMF format images and have them executed automatically if encountered by the Windows operating system. This will occur even if a WMF image is renamed with a more common graphical file extension such as .JPG or .GIF.

Virus and worm writers have wasted no time in incorporating these new techniques into their arsenal of tools. Websites with tainted images have been discovered. Instant messages and spam have been sent attempting to fool recipients into accessing these images. As always, view any unsolicited request to visit a web page with great suspicion.

Microsoft has issued a Windows Update for this issue.

OIT encourages everyone running potentially affected systems to apply the Microsoft patch as soon as practical.

The patch can be obtained for Windows 2000 and XP systems by clicking Start -> Windows Update, by clicking the link above or by having automatic updates turned on. Please note that although Windows 98 and Windows ME are vulnerable, a patch will not be produced for them.

Ensure that your anti-virus software is fully updated. McAfee Virus Scan (Enterprise version 8) can detect known WMF exploit code.
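
The following added example (not part of the original advisory and not an OIT tool) illustrates the point above that a WMF image renamed to .JPG or .GIF is still handled as a WMF: it flags files whose extension claims another image format but whose first bytes match a WMF header. The extension list and the sample files are constructed for illustration; a match shows only that the file is a metafile, not that it is malicious.

```python
import os
import struct
import tempfile

# Aldus placeable WMF key 0x9AC6CDD7, stored little-endian
PLACEABLE_MAGIC = b"\xd7\xcd\xc6\x9a"
# Assumed list of extensions a renamed WMF might hide behind
IMAGE_EXTS = {".jpg", ".jpeg", ".gif", ".png", ".bmp", ".tif", ".tiff", ".ico"}

def looks_like_wmf(head: bytes) -> bool:
    """True if the leading bytes match a placeable or standard WMF header."""
    if head.startswith(PLACEABLE_MAGIC):
        return True
    if len(head) < 6:
        return False
    ftype, hdr_words, version = struct.unpack("<HHH", head[:6])
    # Standard header: type 1 (memory) or 2 (disk), 9-word header, version 0x0100/0x0300
    return ftype in (1, 2) and hdr_words == 9 and version in (0x0100, 0x0300)

def find_disguised_wmf(root: str) -> list:
    """Return paths under root with a non-WMF image extension but WMF content."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if os.path.splitext(name)[1].lower() not in IMAGE_EXTS:
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    head = fh.read(8)
            except OSError:
                continue  # unreadable file: skip rather than abort the scan
            if looks_like_wmf(head):
                hits.append(path)
    return sorted(hits)

def demo() -> list:
    """Write constructed sample files to a temp dir; return the flagged names."""
    samples = {
        "photo.jpg": b"\xff\xd8\xff\xe0\x00\x10JFIF\x00",               # genuine JPEG header
        "banner.gif": PLACEABLE_MAGIC + b"\x00" * 18,                   # WMF renamed to .gif
        "chart.jpg": struct.pack("<HHH", 1, 9, 0x0300) + b"\x00" * 12,  # WMF renamed to .jpg
        "logo.wmf": PLACEABLE_MAGIC + b"\x00" * 18,                     # honest .wmf, not flagged
    }
    with tempfile.TemporaryDirectory() as tmp:
        for name, data in samples.items():
            with open(os.path.join(tmp, name), "wb") as fh:
                fh.write(data)
        return [os.path.basename(p) for p in find_disguised_wmf(tmp)]

if __name__ == "__main__":
    print(demo())
```
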

Office of Information Technology, University of Maryland