from the only-do-very-very-carefull-internet-surfing dept.
In the last days there were several reports of a WMF exploit going around. Currently this is abused to install a trojan / spyware on every Windows computer which visits a websites which containing such a prepared file.
The file doesn't even need to end with the .wmf file extentions, as for every picture (.gif, .jpg and others) the same subsystem in Windows is doing the work.
There is not yet an update available from Microsoft, just the release of the Microsoft Security Advisory (912840) - Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution. Some of the tips given in there will not really solve the problem.
Some of the anti virus software is able to detect such manipulated files, but don't trust it to much.
< | >