Windows Metafile zeroday exploit



There’s more on the WMF 0-day exploit… According to f-secure it’s being used to distribute the following nasties….

Trojan-Downloader.Win32.Agent.abs
Trojan-Dropper.Win32.Small.zp
Trojan.Win32.Small.ga
Trojan.Win32.Small.ev.


It’s also installing the wolf in sheeps clothing… Avgold.

Sunbeltblog is reporting that the exploit is now on 50 sites…. Here is a list to block….

m.cpa4 [dot] org
008k [dot] com
mscracks [dot] com
keygen [dot] us
dailyfreepics [dot] us
pornsites-reviews [dot] com
mmxo.megaman-network [dot]
com
600pics [dot] com
Crackz [dot] ws
unionseek [dot] com
www.tfcco
[dot] com
Iframeurl [dot] biz
beehappyy [dot] biz
Buytoolbar [dot] biz
teens7 [dot] com

They also speculate on potential vectors in web-based mail accounts spam (hotmail) and trackback blog links. It sounds as though after getting bit by this one, reinstalling the operating system is the best way back to running normally.

Related Posts

Blog Traffic Exchange Related Posts
  • So who is behind Windows Police Pro Virus / Rogue Security Software? As I've seen the continuing FLOOD of searches for some way to Remove Windows Police Pro, I've been starting to wonder at the who is behind this particular piece of junk software. These programs aren't written by your average ordinary virus writer, there is really too much spit and polish......
  • Zero-day ( 0-day) Microsoft Word exploit There was some news on this last night at Incidents.org, today F-secure has some details as well on the trojan that's dropped in this circulating, exploit. It seems as though the initial attack was very targetted against a specific organization. Antivirus packages did not recognize the trojan that the exploit......
  • More on the Windows WMF zero-day exploit There seems to be quite a bit developing on the Windows Meta File (WMF) zero-day (0-day) exploit which was first reported yesterday. Sans has raised their alert level to yellow in an effort to get attention to this problem. It looks like the original site serving the exploit is down,......
Blog Traffic Exchange Related Websites
  • New Fake TweetDeck Update – Beware of Spreading Malware Many TweetDeck users have awaken to an unfortunate surprise this morning when trying to launch the application.   What is the unfortunate surprise you ask? “It did not work!”  Twitter has recently implemented major changes to how other applications access your Twitter account and hackers have taken the opportunity by implementing......
  • How to Obtain Your Free (Government Mandated) Credit Report What is a credit report and what does it contain? Back in the day, when you applied for credit you would list all of your creditors on the application. The bank or whomever was deciding whether or not to extend you a line of credit would then call all your......
  • Should I Panic When I See a Windows Registry Error? Windows registry errors are pretty common in this day and age, and this is because most of the computer users in the world today are pretty negligent when it comes to maintaining their computer, least of all a tiny file that sits in the core of the Operating System. The......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

2 Responses to “Windows Metafile zeroday exploit”

  1. Spyware Informer Says:


    The Zero-Day Exploit

    The new WMF exploit been all over the news lately. Why shouldn’t it be? It’s a huge security risk! How so? For one, it exploits a feature that almost every Windows PC has: a graphics rendering engine. I’m sure that many of you know what this is and …

  2. Polarman Says:


    Urgent WMF exploit

    What Microsoft should do about the WMF exploit: · Use automatic update to immediately unregister the shimgvw DLL. When they’ve fixed the problem, they can turn it back on. · Negotiate to use the current fix of Ilfak Guilfanov’s. Pay


Switch to our mobile site