Scott's Weblog The weblog of an IT pro specializing in virtualization, networking, open source, and cloud computing

WMF Flaw Patch Released

There’s a lot of chatter on the Internet today about the MS06-001 patch from Microsoft, designed to address the “zero-day” WMF flaw for which numerous exploits were circulating. Here’s a brief look at some of the links.

Microsoft Ships ‘Emergency’ WMF Patch

MS Rushes Patch as WMF Exploit Tools Surface: Of particular interest in this article is the WMFMaker exploit tool, a simple and straightforward tool that allows novice hackers to add malicious code to a WMF image.

Update: Microsoft releases WMF patch

WMF FAQ: What you need to know

Lest you think that malicious web sites were the only attack vector, read “Attempts to exploit WMF vulnerability by IM multiply”, which indicates that more than 70 variants of IM-based attacks have been identified.

One very interesting statement from one of the articles linked above was a note about the lifetime of this flaw and its related exploits. Just as even now we are still dealing with years-old virii and worms circulating the Internet, we can be sure that malicious WMF files will be around, exploiting older versions of Windows for which Microsoft did not release a patch because they are “end of life” (like pre-SP4 Windows 2000, for example).

Be social and share this post!