+ Reply to Thread
Results 1 to 4 of 4
  1. December 29th, 2005 11:39 AM #1
    ejda
    ejda is offline
    Tree Frog
    Join Date
    May 22nd, 2003
    Location
    Iran, currently in Canada
    Posts
    245

    Virus in Image??

    A friend of mine, who works on security issues in a company, just sent me this:

    Hi,

    There are always a lot of emails regarding warnings about virus/worms that
    blow up your computers if you click on a file named blah blah asking you
    to circulate the email around. Most of them are Hoax and false alarms and
    I hate those spams.

    But this time it seems that it is serious. There is a new security issue
    and some people are taking advantage of it and exploits are currently
    running in wild.

    The systems affected are Microsoft Windows XP (all Service Pack versions)
    and Microsoft Windows 2003 (again all versions). There is no
    update/fix/patch on this issue as the code exploiting this was released
    before the Microsoft could issue any solution! (this is not the regular
    case).

    The virus/worms/attacks using this will be in form of an image with
    extention of .wmf and might be coming to your pc from an untrusted
    website, from an email that carries it, or from Instant Message that
    somebody sends you a picture. As a result, to avoid that, take extra
    caution not to follow links that go to suspecious websites, don't open
    suspecious emails and don't accept images on IM from unknow contacts.

    If you are wondering where have I got the info from, I've done
    extensive research on this issue in the company I'm working in.

    Also you can check this security blog regarding the exposure and other
    stuff: http://isc.sans.org/diary.php?date=2005-12-28

    And this is a movie of what happens to a PC that visits the malicious
    website as an example of such frauds/attacks:
    http://www.websensesecuritylabs.com/.../wmf-movie.wmv
    The video is really scary!
    "...now I have no strength left for anything - that is the problem."
    The last words entered by Andrey Tarkovsky in his diary, two weeks before his death from cancer in Paris in December 1986
    Reply With Quote Reply With Quote
  2. January 3rd, 2006 12:07 PM #2
    Marston
    Marston is offline
    tadpole
    Join Date
    May 23rd, 2003
    Location
    Black River Falls Wisconsin
    Posts
    72
    Not so good news

    Click on the above link - its not the greatist news.
    "Now go have a beer!"
    Reply With Quote Reply With Quote
  3. January 3rd, 2006 04:41 PM #3
    Riek
    Riek is offline
    Bullfrog
    Join Date
    May 19th, 2003
    Location
    Melbourne, Australia
    Posts
    592
    Yes, this is bad, but is no worse than any other MS vulnerability. Keep in mind WMF's are not that widely used.
    "quod nihil sit tam infirmium aut quam fama potentiae nom sua vi nixae"
    Reply With Quote Reply With Quote
  4. January 3rd, 2006 04:44 PM #4
    Gesslar
    Gesslar is offline
    Carrot Gesslar's Avatar
    Join Date
    May 20th, 2003
    Location
    Toronto, ON, Canada
    Posts
    2,338
    which is actually too bad because if they just expanded the format a bit it could be an awesome expansion to computer art. i guess with SVG on the rise, though, WMF may die.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Forum Rules