Windows Metafile zeroday exploit



There’s more on the WMF 0-day exploit… According to f-secure it’s being used to distribute the following nasties….

Trojan-Downloader.Win32.Agent.abs
Trojan-Dropper.Win32.Small.zp
Trojan.Win32.Small.ga
Trojan.Win32.Small.ev.


It’s also installing the wolf in sheeps clothing… Avgold.

Sunbeltblog is reporting that the exploit is now on 50 sites…. Here is a list to block….

m.cpa4 [dot] org
008k [dot] com
mscracks [dot] com
keygen [dot] us
dailyfreepics [dot] us
pornsites-reviews [dot] com
mmxo.megaman-network [dot]
com
600pics [dot] com
Crackz [dot] ws
unionseek [dot] com
www.tfcco
[dot] com
Iframeurl [dot] biz
beehappyy [dot] biz
Buytoolbar [dot] biz
teens7 [dot] com

They also speculate on potential vectors in web-based mail accounts spam (hotmail) and trackback blog links. It sounds as though after getting bit by this one, reinstalling the operating system is the best way back to running normally.

Related Posts

Blog Traffic Exchange Related Posts
  • So who is behind Windows Police Pro Virus / Rogue Security Software? As I've seen the continuing FLOOD of searches for some way to Remove Windows Police Pro, I've been starting to wonder at the who is behind this particular piece of junk software. These programs aren't written by your average ordinary virus writer, there is really too much spit and polish......
  • Viruses and worms can come in from many directions For a long time, email was the primary vector for viruses, before that floppy discs carried bugs from pc to pc. Then came network worms exploiting windows security vulnerabilities which led to the rise of firewalls and the increase in viruses piggy-backing into the system through browser bugs. But, any......
  • WMF exploit virus detection revisited Yesterday, when I was testing the WMF exploit against a Windows 98 virtual machine, I sent samples through virus total and the only antivirus product to detect each of them was "TheHacker" from hacksoft. This evening I was revisiting the exploit (with the new rule for metasploit) and saved 20......
Blog Traffic Exchange Related Websites
  • Should I Panic When I See a Windows Registry Error? Windows registry errors are pretty common in this day and age, and this is because most of the computer users in the world today are pretty negligent when it comes to maintaining their computer, least of all a tiny file that sits in the core of the Operating System. The......
  • New Fake TweetDeck Update – Beware of Spreading Malware Many TweetDeck users have awaken to an unfortunate surprise this morning when trying to launch the application.   What is the unfortunate surprise you ask? “It did not work!”  Twitter has recently implemented major changes to how other applications access your Twitter account and hackers have taken the opportunity by implementing......
  • How to Obtain Your Free (Government Mandated) Credit Report What is a credit report and what does it contain? Back in the day, when you applied for credit you would list all of your creditors on the application. The bank or whomever was deciding whether or not to extend you a line of credit would then call all your......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

2 Responses to “Windows Metafile zeroday exploit”

  1. Spyware Informer Says:


    The Zero-Day Exploit

    The new WMF exploit been all over the news lately. Why shouldn’t it be? It’s a huge security risk! How so? For one, it exploits a feature that almost every Windows PC has: a graphics rendering engine. I’m sure that many of you know what this is and …

  2. Polarman Says:


    Urgent WMF exploit

    What Microsoft should do about the WMF exploit: · Use automatic update to immediately unregister the shimgvw DLL. When they’ve fixed the problem, they can turn it back on. · Negotiate to use the current fix of Ilfak Guilfanov’s. Pay


Switch to our mobile site