More on the WMF exploit

It’s a shame that millions of Internet users still didn’t protect their systems from one of the most dangerous Windows exploits ever. It is very easy to download and install the patch developed by Ilfak Guilfanov. Although this patch, is not official, most IT security companies as well as reputable experts encourage users to apply this patch immediately. However, not everyone understands how nasty the WMF exploit is and what consequence may cause. Thankfully, SANS Institute published a readily comprehensible presentation on the new exploit. This document (available in PDF and PowerPoint formats) explains how the risk works and what it can do to the system and user sensitive information.

IT security professionals around the world were pleasantly surprised yesterday by a report from iDEFENSE, a well-known security company. It claims that only Windows XP (with or without service packs) and Windows Server 2003 (with or without service packs) are actually vulnerable to the WMF exploit. Windows 98, Windows Me and Windows 2000 are unaffected, unless there is specific software installed that deals with WMF files (an example of such software is Lotus Notes). This iDEFENSE information was checked and confirmed by Larry Seltzer, well-known software expert. That’s a good news to all the users running prior Windows releases.

Another important news is an advisory from Microsoft, which operating systems are vulnerable to the WMF exploit. The software giant says that the official patch should be released on January 10, 2006:

Microsoft has completed development of the security update for the vulnerability. The security update is now being localized and tested to ensure quality and application compatibility. Microsoft’s goal is to release the update on Tuesday, January 10, 2006, as part of its monthly release of security bulletins. This release is predicated on successful completion of quality testing.

Standby for more information about the new threat.

Like us on Facebook