The Black Hats Don’t Sleep


Well, I hope you enjoyed Christmas as much as I do and additionally I hope that you have the opportunity to have a few days off.


But it seems that the bad guys have too much time as well. There are reports that there is a 0day out there attacking a vulnerability in Microsoft Windows WMF Handling. We are aware of it and it is under investigation at the moment. Here you can find some information about it:
MELANI: http://www.melani.admin.ch/newsticker/00072/index.html?lang=en&PHPSESSID=5f98437d926027b133d27ab41e1f6748
Secunia: http://secunia.com/advisories/18255/
SANS: http://isc.sans.org/diary.php?storyid=975


F-Secure, one of our VIA (Virus Information Alliance) partners, has some good information on this from an attack perspective: http://www.f-secure.com/weblog/archives/archive-122005.html#00000753


Several AV-vendors including Symantec, Trendmicro, McAfee, and F-Secure have already updated their signature – therefore you should as well


Roger


Comments (1)

  1. Jon Gresham says:

    Not just reports. I got at home last night. Used restore point and feverish deletes, still not sure if I got it all. So I hope they admit and publish a fix soon.