Computer Help Community

Community

Cyber Tech Help Community

New Tutorials

More Tutorials
PC Tutorials

New Downloads

More Downloads
PC Downloads

Member Testimonials

Open Member Quote   Great job u guys Cyber Tech staff and others connected to this web site one way or another!!! Really happy to find this website!! Big help for me and for my friends. See ,I build PCs for my side business here in Japan and I find this website; forums tutorials etc very helpful in my business. I know there are a lot more out there but I believe this site is better. More power to you guys! - pcbuilder  Close Member Quote
Member Testimonials
MY CYBER TECH HELP

LATEST TOPICS

Tech Help Community

Free Antivirus Scan

Free Virus Scan and a listing of the top 10 viruses in the wild - Free Antivirus Scan
Free Online Antivirus Scan

File Extension Database

Find what program a filetype belongs to in our searchable File Extension Database.
File Extension Database

Related Microsoft Links

Technet

Expert Zone Community
Services
Cyber Tech Help Community

To the top of the page to top

 



'Really Bad' Exploit Threatens Windows

Latest News Latest News | News ArchiveNews Archive | Cyber Tech Help News RSS Feed!

'Really Bad' Exploit Threatens Windows\'Really Bad\' Exploit Threatens Windows

Posted by: Tweaker
Date added: 00:52, 29th December 2005 GMT
Source: Beta News

Microsoft Windows

A new exploit has been discovered in the wild that affects fully patched Windows XP SP2 systems, according to reports by security firms F-Secure and Sunbelt. The malicious code takes advantage of a vulnerability in the WMF graphics rendering engine to automatically download and install malware.

WMF, or Windows Metafile, is a vector based image format used by Microsoft's operating systems. SHIMGVW.DLL is loaded to render the images and contains a flaw that opens the door for a malformed WMF image to cause remote code execution and potentially allow for a full system compromise.

Microsoft previously fixed a vulnerability affecting WMF and EMF files in November. That problem affected Windows 2000, XP and Windows Server 2003.

"We have a number of sites that we have found with this exploit. Different sites download different spyware. We only had a handful of websites using this new exploit but now we are seeing many more using this to install bad stuff. These image files can be modified very easily to download any malware or virus," said Alex Eckelberry, CEO of Sunbelt Software.

"I hit one site with a fully patched XP system last night and it was pretty intense -- it went right through and infected my machine."

F-Secure's Mika Pehkonen warned that, "Right now, fully patched Windows XP SP2 machines are vulnerable, with no known patch." The company is detecting the offending WMF files as W32/PFV-Exploit.A, .B and .C.

"Note that you can get infected if you visit a web site that has an image file containing the exploit. Internet Explorer users might automatically get infected. Firefox users can get infected if they decide to run or download the image file," Pehkonen added.

Microsoft has been notified of the issue and it could opt to issue an emergency patch, apart from its standard Patch Tuesday security bulletins. "We expect Microsoft to issue a patch on this as soon as they can," says F-Secure.

Tools:  Tools: Post a comment | Link to this news item | Send to a friend | Submit News

 

Post a commentPost a comment

Error: You are not logged in.

In order to leave comments to news articles you must be a Cyber Tech Help Member.

Registration is completely free!  Register to become a member!  Register to become a member

Along with access to leave comments to news articles you will be able to ask any computing questions you might have on the Cyber Tech Help Forums.

 

[ To the top of the page To top | Latest News Latest News | News Archive News Archive | Cyber Tech Help News RSS Feed! ]