Zero-Day Windows Meta File exploit

InfoWorld: Application development reports “Update: Malicious hackers busy exploiting zero-day Windows flaw. Fully-patched systems running Windows XP and Windows Server 2003 can be successfully attacked by malicious hackers, various security firms warned Tuesday and Wednesday. By Juan_Carlos_Perez@idg.com (Juan Carlos Perez).”

Short form: IE seems to be subject to exploitation when navigating to a hostile site and received a Windows MetaFile (wmf). Site Admins should filter .wmf (and possibly .emf) files at the periphery. Limit IE use to a minimum, as always. FireFox users will receive a “what do I do with this file?” dialog. Doesn’t seem to affect Linux or Macintosh users.

Powered by WordPress. Designed by Woo Themes

This work by Ted Roche is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 United States.