|
A newly discovered security vulnerability in the Windows Metafile Format (WMF) is being exploited by code that's being distributed by a large number of Web sites (Websense security labs says the number is in the thousands). These sites distribute spyware and then replace the desktop wallpaper with a message that tells you to enter your credit card info for a "spyware cleaning" application. XP Home and Pro, including fully patched systems, are vulnerable to this exploit. And watch out if you're using Google Desktop or other desktop search engines. If they index the exploit files, they can end up running the exploit and infecting your computer. Microsoft has issued an advisory at http://www.wxpnews.com/rd/rd.cfm?id=060103SE-Microsoft that includes a workaround, but it also causes Windows Picture and Fax Viewer to not start when you click an associated file. For more information and a list of domains that are distributing the exploit code (which you can block with your firewall), see:
http://www.wxpnews.com/rd/rd.cfm?id=060103SE-FoxNews
|