Windows Metafile zeroday exploit



There’s more on the WMF 0-day exploit… According to f-secure it’s being used to distribute the following nasties….

Trojan-Downloader.Win32.Agent.abs
Trojan-Dropper.Win32.Small.zp
Trojan.Win32.Small.ga
Trojan.Win32.Small.ev.


It’s also installing the wolf in sheeps clothing… Avgold.

Sunbeltblog is reporting that the exploit is now on 50 sites…. Here is a list to block….

m.cpa4 [dot] org
008k [dot] com
mscracks [dot] com
keygen [dot] us
dailyfreepics [dot] us
pornsites-reviews [dot] com
mmxo.megaman-network [dot]
com
600pics [dot] com
Crackz [dot] ws
unionseek [dot] com
www.tfcco
[dot] com
Iframeurl [dot] biz
beehappyy [dot] biz
Buytoolbar [dot] biz
teens7 [dot] com

They also speculate on potential vectors in web-based mail accounts spam (hotmail) and trackback blog links. It sounds as though after getting bit by this one, reinstalling the operating system is the best way back to running normally.

Related Posts

Blog Traffic Exchange Related Posts
  • So who is behind Windows Police Pro Virus / Rogue Security Software? As I've seen the continuing FLOOD of searches for some way to Remove Windows Police Pro, I've been starting to wonder at the who is behind this particular piece of junk software. These programs aren't written by your average ordinary virus writer, there is really too much spit and polish......
  • Disinfecting a PC… part 6 Ok, it's BHOdemon time... installed from cd and on starting: BHOdemon bhotb-all.html not found, no web connection downloading on other machine. Finally get it to work copying from another machine. But I had to change the Windows ME to show full filenames to help troubleshoot why it couldn't find the......
  • More on the virus/trojan front I have a couple new things to post. One, in my futher investigation of the server logs, from the last big topic.... (read the entries below.) I've discovered at least one MAC, so this should be a warning that no one should take system security for granted. Likely someone has......
Blog Traffic Exchange Related Websites
  • How to Obtain Your Free (Government Mandated) Credit Report What is a credit report and what does it contain? Back in the day, when you applied for credit you would list all of your creditors on the application. The bank or whomever was deciding whether or not to extend you a line of credit would then call all your......
  • New Fake TweetDeck Update – Beware of Spreading Malware Many TweetDeck users have awaken to an unfortunate surprise this morning when trying to launch the application.   What is the unfortunate surprise you ask? “It did not work!”  Twitter has recently implemented major changes to how other applications access your Twitter account and hackers have taken the opportunity by implementing......
  • South Beach Harbor Marnia South Beach Harbor is located in San Francisco, CA  It is adjacent to AT&T Park -- home of the SF Giants -- and McCovey Cove.  Pirr 40 at the Embarcadero. Phone: 415.495.4911 email: sb.harbor@sfgov.org    Website: http://www.southbeachharbor.com/ Berths: 700 Regular Berth Pricing 26? $202 30? $237 34? $289 38? $358 42?......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

2 Responses to “Windows Metafile zeroday exploit”

  1. Spyware Informer Says:


    The Zero-Day Exploit

    The new WMF exploit been all over the news lately. Why shouldn’t it be? It’s a huge security risk! How so? For one, it exploits a feature that almost every Windows PC has: a graphics rendering engine. I’m sure that many of you know what this is and …

  2. Polarman Says:


    Urgent WMF exploit

    What Microsoft should do about the WMF exploit: · Use automatic update to immediately unregister the shimgvw DLL. When they’ve fixed the problem, they can turn it back on. · Negotiate to use the current fix of Ilfak Guilfanov’s. Pay


Switch to our mobile site