Bottom line: this is a Windows flaw and Microsoft and various security companies are working on it. Users of Macs and Linux-based PCs are not affected.
For more info, see Security Fix, Sunbelt Blog, and Spyware Confidential. Warning: Not all fixes listed will actually "fix" the problem. Particularly, unregistering the "shimgvw.dll" as mentioned in the articles will not only NOT fix the problem, but it will cause you to not view most images on the web. As mentioned in that last link above:
Folks, unregistering the SHIMGVW.DLL is not a foolproof solution.More from Techweb:
The SANS Institute's Internet Storm Center also tossed in its two cents of bad news.Although some security firms on Wednesday advised enterprises to block WMF files at the network edge, that may not be a decent defense for long.
"Windows XP will detect and process a WMF file based on its content, and not rely on the extension alone," wrote analyst Chris Carboni on the center's blog. "[That] means a WMF sailing in disguise with a different extension might still be able to get you."
Hackers could simply rename a malicious WMF file with, say, a .gif or .jpg file extension, attach it to an e-mail message, and assuming a user opens the file, infect a system.
At the moment, say the experts, exploits are "only" installing spyware and/or fake anti-spyware software. That's bad enough, said two security firms, including one that specializes in combating spyware.
"Now we're seeing many more using this to install bad stuff," said Alex Eckelberry, president of anti-spyware developer Sunbelt Software. "This is a really bad exploit. Be careful out there."
Here's a video (Windows Media File) of the virus infecting a machine.
No comments:
Post a Comment