Trojan exploits Windows WMF exploit

Virus writers have released code for a Trojan that exploits a

flaw in the Window Metafile (WMF) image format. Computers running Windows XP

(SP1 and SP2) and Windows Server 2003 systems are vulnerable. Older Windows version

may also be at risk.

Computer security organizations and AV researchers have

released information on the new threat and Microsoft has released a rather

cumbersome workaround. Microsoft has stated it will release a patch on January

10th as part of its normal, monthly update cycle.

SANS has released an unofficial, .MSI installer file fix for the vulnerability that you can download here. I have not tested the file personally, but several AV professionals have and they recommend it.

You can learn more about this threat from the following links:

By Bill Detwiler

Bill Detwiler is Editor in Chief of TechRepublic and the host of Cracking Open, CNET and TechRepublic's popular online show. Prior to joining TechRepublic in 2000, Bill was an IT manager, database administrator, and desktop support specialist in the ...