A new vulnerability in Windows systems emerged during the festive season. Amazingly, Microsoft seems to be taking their time to release a fix, when there are virus authors out there slogging their brains out exploiting this vulnerability.
No browser is safe from this vulnerability!The browser doesn't ask you whether you wanna load a picture on a website. It can still make sure of this vulnerability when its extension is different from .wmf! All it needs to do is host an image on a website and you just have to visit it and ops, you got it.
Basic rules still applies here. DO NOT click on links from unknown emails, attachments or unknown links in chatrooms.
What might an attacker use the vulnerability to do?An attacker who successfully exploited this vulnerability could take complete control of the affected system. In a Web-based attack scenario, an attacker would host a Web site that exploits this vulnerability. An attacker would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker's site. It could also be possible to display specially crafted Web content by using banner advertisements or by using other methods to deliver Web content to affected systems.
If I block .wmf files by extension, can this protect me against attempts to exploit this vulnerability?No. Because the Graphics Rendering Engine determines file type by means other than just looking at the file extensions, it is possible for WMF files with changed extensions to still be rendered in a way that could exploit the vulnerability.
Get the Unofficial fix here!Article about it on Internet Storm CenterAnother article by F-SecureMicrosoft Security Advisory (912840)And lastly, a video of the virus infecting a system