Today's critical Windows security hole

[joatmon]

another hole in windows http://news.com.com/Trojan+del....htmlQuote »Trojan delivers unwanted gift to Windows PCsBy Elinor MillsStaff Writer, CNET News.comPublished: December 28, 2005, 4:04 PM PST A new Trojan horse program was infecting PCs on Wednesday, exploiting a hole in Windows systems to sneak onto computers, then dropping adware or spyware or turning them into zombies, according to several Internet security companies.The Trojan, dubbed Exploit-WMF (Windows Meta File), was rated a category 2 level risk, meaning it had the potential to continue to spread, said Dave Cole, director of security response at Symantec.The exploit "is misusing a function in the WMF library in Windows," dropping onto the machine a downloader Trojan "that pulls down its big brother, a more sophisticated Trojan" from a server on the Internet, he said."Then it might try to pull down adware, spyware or a bot program," that can turn the computer into a zombie to be used for attacking other machines or sending spam, or just leave a hole on the computer through which sensitive data could be stolen, Cole said.Kaspersky Lab rated the vulnerability "highly critical" and predicted that "new modifications of these programs may well appear in the near future."The WMF vulnerability affects computers running Windows XP with service pack 1 and service pack 2, as well as Windows Server 2003 with service pack 0 and service pack 1. It can be exploited when an Internet Explorer user, or Firefox user under certain circumstances, visits a Web site that has malicious code on it or when a user previews .wmf format files with Windows Explorer, Kaspersky said in a statement.The WMF library allows the computer to handle particular image types of Windows machines, Cole said. There is no patch for it yet from Microsoft, although antivirus vendors had released software to help protect against it, he said."Microsoft is investigating new public reports of a possible vulnerability in Windows and will continue to investigate the reports to help provide additional guidance for customers," a Microsoft spokesperson wrote in an e-mail. "Upon completion of this investigation, Microsoft will take the appropriate action to protect customers, which may include providing a fix through the monthly release process or issuing a security advisory, depending on customer needs."Windows users can get more information about security issues at http://support.microsoft.com/security.

[northvibe]

a computer is only as secure as how the user sets it up - is my moto.

[drunkengirlfriend]

Quote, originally posted by northvibe »a computer is only as secure as how the user sets it up - is my moto.I completely agree but some people have no clue what they are doing.I guess it's time to take Drunken's advice and get a Mac.

[Kari]

Quote, originally posted by drunkengirlfriend »I guess it's time to take Drunken's advice and get a Mac. Definitely. At least until they start writing Mac trojan horses and virii...which I hope they don't, or at least that there isn't as much to exploit. Although the market share is still so small it's not really worth messing with to write a virus I guess.

[4azdmunky]

Yea, my Baracudda at work blocked about 50 of these over the last two days. A security update is due out by Tuesday, you can DL a network installer until then if you need it.

[drunkenmaxx]

Quote, originally posted by Kari »Definitely. At least until they start writing Mac trojan horses and virii...which I hope they don't, or at least that there isn't as much to exploit. Although the market share is still so small it's not really worth messing with to write a virus I guess. it's because all the real nerds who write that stuff are pc freaks!

[ColonelPanic]

Quote, originally posted by drunkenvibe »it's because all the real nerds who write that stuff are pc freaks! ...and they're probably all writing that crap under Linux. I mean, if they wrote this junk under its native platform, wouldn't that cripple their productivity? Hard to keep things going when your own work keeps infecting your box every ten minutes. lol! Ahh, I love Linux. And my Mac.

Attached files