Linked by Thom Holwerda on Wed 4th Jan 2006 22:45 UTC
Windows The saga around the WMF flaw in Windows continues. "A cryptographically signed version of Microsoft's patch for the Windows Metafile vulnerability accidentally leaked onto the Internet late Tuesday, adding a new wrinkle to the company's round-the-clock efforts to stop the flow of malicious exploits. The MSRC (Microsoft Security Response Center) acknowledged that a slip-up caused 'a fast-track, pre-release version of the update' to be posted to a security community site and urged users to 'disregard' the premature update."
Thread beginning with comment 81917
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Overblown
by diegocg on Thu 5th Jan 2006 02:27 UTC in reply to "Overblown"
Member since:

You know, I have to say that in my 5 years of using XP, I have *never* seen or used a WMF file, let alone had one sent to me.

....maybe because the bug was discovered two weeks ago?

In case you don't get it, virus creaters will start using it today even if nobody in the whole world had created a WMF file in 10 years. Windows supports it. It's everything you need to get a worm working. Actually, the fact that nobody uses WMF makes it worse: nobody knows what WMF files do, so it'll be much easier to deceive users.

Edited 2006-01-05 02:30

Reply Parent Score: 2