Jump to content
3000AD Forums
Sign in to follow this  

Windows zero day nightmare exploited

Recommended Posts



F-SECURE, Bugtraq and a number of other security aware outfits have warned of a zero day vulnerability that's being actively exploited as we write.

Fully patched Windows XP SP2 machines are vulnerable and there's no known fix as yet.

A number of trojans are being distributed using the vulnerability, related to Windows' image rendering.

Have a look, for example, at the F-Secure site, here, for more information.

F-Secure says you can get blatted if you visit a site with an image file containing the exploit. IE users may automatically be infected. Firefox users can get infected if the image file is downloaded. There's more solid advice at F-Secure. We await a patch from Microsoft.

* UPDATE Ken Dunham, director at iDefense, said the zero day WMF exploitation threat affecting fully patched versions of XP and Windows 2003 Web Server is underway. It has been exploited by multiple sites and added to the infamous Meetasploit tools. Attacks in the last 12 hours, said Dunham, have been minor. But systems so far attacked have shown clear signs of infection. He warned further attacks were likely.

There is no solid workaround against emerging WMF exploits. Locking down WMF files on the gateway and building network detection signatures may mitigate known threats. The impact of attacks may also increase.

F-Secure info

Microsoft's offical statement.

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this