Channel News and Analysis - Channel Insider
Empowering the next generation Channel
 
Bull’s Eye Awards
Nominations Open for Channel Insider 2009 Bull’s Eye Awards
Nominations are now open for the Channel Insider 2009 Bull’s Eye Awards, which recognize excellence in customer service, technology prowess, business acumen, channel leadership, communications and community building, and innovation among vendors, solution providers, distributors and channel services companies.



Sponsored Links
  • SonicWALL breaks through network and email gridlock
  • Save up to 40% on calling costs with Avaya Aura™
  • HP PartnerONE | SolutionsINFINITE Visit us at hp.com/partners/us/go/4


    		•  

    Critical Windows Metafile Flaw Being Exploited

    in Channel News and Analysis
    DATE: 2005-12-29 | By Lisa Vaas


    Article Rating:starstarstarstarstar / 0
    Article Views: 610

    Rate This Article:
    Poor Best
    Add This Article To:
    Updated: Code for what Secunia is deeming an "extremely critical flaw" in Windows Metafile Format files is being exploited on fully patched systems. Avoiding attack is simple, researchers note: Don't

    Microsoft Corp. has issued a security advisory for what Secunia is deeming an "extremely critical flaw" in Windows Metafile Format (.wmf) that is now being exploited on fully patched systems by malicious attackers.

    Websense Security Labs is tracking thousands of sites distributing the exploit code from a site called iFrameCASH BUSINESS.

    Resource Library:
    That site and numerous others are distributing spyware and other unwanted software, replacing users' desktop backgrounds with a message that warns of spyware infection and which prompts the user to enter credit card information to pay for a "spyware cleaning" application to remove the detected spyware.

    Vulnerable operating systems include a slew of Windows Server 2003 editions: Datacenter Edition, Enterprise Edition, Standard Edition and Web Edition. Also at risk are Windows XP Home Edition and Windows XP Professional, making both home users and businesses open to attack.

    In this fluid attack, researchers have kept up a steady stream of new details about the extent of the exploit's reach, with Google Desktop being the latest reported vector.

    F-Secure reported on Wednesday that Google Desktop tries to index image files with the exploit, executing it in the process. F-Secure reports that this exploitation-via-indexing may wind up occurring with other desktop search engines as well.

    Read the full story on eWEEK.com: Critical Impact: Windows Metafile Flaw a 'Zero-Day Exploit'



    Discuss Critical Windows Metafile Flaw Being Exploited
     
    >>> Be the FIRST to comment on this article!
     

     
     
    >>> More Channel News and Analysis Articles          >>> More By Lisa Vaas
     



    		 

    Related Content

    Articles Labs/How-To Multimedia


    [ci] feeds
    XML
    Add Channel News, Product Reviews, Trends and Analysis to your RSS newsreader or My Yahoo!

    HTML PLAIN TEXT

    Keep on top of news for VARs and Resellers with CI's Weekly Newsletter and Alerts.

     

    CHANNEL RESOURCE CENTER
     
     
    How to Unleash Application Performance with Solid-State Drives and Sun Servers
    Unleash the Beast! Learn from Sun and Intel experts how Sun servers equipped with Flash-enabled solid-state drives offer dramatic improvements to HPC, Web 2.0, and data center application performance Watch this video to learn more
    Watch Video
     
    Build A More Efficient Data Center
    Demands are growing but budgets are not. Solve your pressing IT issues using the resources you already have. Determine which technologies can help you drive efficiencies and how they are applied. Gain a quick ROI on new initiatives
    Find out how
    Easily Monitor Virtual, Physical, and Cloud based assets, applications and services from a unified Dashboard with up.time. Deep Monitoring across platforms and best-of-breed reporting. Over 700 enterprise customers in 32 countries.
    Read Article