Lotus Notes WMF vulnerability



This is really the same zero-day wmf vulnerability, but there is a twist. It’s been found that Lotus Notes v. 6.x and up are vulnerable to the Windows Meta File (WMF) exploit that’s making the rounds. Probably not surprising given that there are reports of many vectors of attack, not JUST the web browser. What makes this one noteworthy is that it is vulnerable EVEN WITH THE regsvr32 WORKAROUND. The only other solution that’s been reported thus far is DEP (Data Execution Protection) with supported DEP hardware.


So, once again, I’m left warning you to be cautious and be suspicious of unsolicited links, images and emails. A patch from Microsoft may be some time off. From what I’ve read some antivirus vendors are not encouraged that it will be a quick fix.

   Send article as PDF   

Similar Posts