Windows WMF Flaw
From LoveToKnow Business
The Windows WMF flaw is a major, recently discovered flaw that affects all versions of the Microsoft Windows operating system. It allows a Trojan horse or spyware to be installed on your system without any operator action. While anti-spyware developers are working to develop fixes, no current program is able to detect this bug. This is a major concern, because the flaw can put hundreds of millions of PC users at risk of infection by spyware or viruses. You should be concerned whether you are a small business owner with a single PC or a larger small business with a larger network. Employees will be trickling back to work, turning on their PCs and viewing infected files unless you warn them beforehand.
Microsoft Confirmed WMF Flaw's Existence
On Dec 28, 2005 Microsoft acknowledged that a zero-day exploit for Windows Metafile images existed, and it was “looking” into better ways to protect its customers. The Windows WMF flaw allows hackers to attach or insert malicious code into image files. According to Microsoft’s public relations agency spokesman Waggener Edstrom: "Upon completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a fix through our monthly release process or issuing a security advisory, depending on customer needs." Judging by Microsoft’s past performance, this fix could take weeks or months to complete.
Why Is This Zero-day Flaw Different?
It's called a "zero day" exploit because hackers are taking advantage of it while there is no patch available, and, according to several security experts, the flaw can zip past any other patches installed on PCs. In fact, hackers have already published the source code they used to exploit the WMF flaw, opening the door to thousands of other hackers.
Is My Company Vulnerable?
The Windows WMF flaw makes your company very vulnerable. Most spyware attacks require victims to download or execute a suspect file. But the WMF Flaw danger is that users can infect their computers simply by viewing a web page, email or instant message that contains a contaminated image. Security firms warn that PCs can be attacked if users do any of the following:
- Visit hostile Web sites hosting exploits
- Open a malicious WMF file in Windows Picture and Fax Viewer or IM
- Preview a malicious WMF file in Windows Explorer
Windows Operating Systems Affected
All versions of Windows are vulnerable to this attack.
- Windows 95
- Windows 98
- Windows ME
- Windows 2000
- Windows NT
- Windows Server 2003 Datacenter Edition
- Windows Server 2003 Enterprise Edition
- Windows Server 2003 Standard Edition
- Windows Server 2003 Web Edition
- Windows XP Home Edition
- Windows XP Professional
A Windows WMF Flaw Fix Is Available
No anti-virus program currently detects this bug. Meanwhile, some security experts urge system administrators and small business owners to take the unusual step of installing an unofficial fix created by Russian computer programmer Ilfak Guilfanov. Security expert Steve Gibson has reviewed the source code for this program and certifies that it works as promised. You can download the fix and easily uninstall it. Once Microsoft develops a fix of its own, you can easily remove it. Unfortunately the patch doesn’t apply to Windows 95, 98, ME or NT users.
Worse Attacks To Come?
Attacks could increase dramatically if hackers discover more automated ways to target systems, such as using email, instant messages, or file sharing, according to Ken Dunham, director of the rapid response team at VeriSign's iDefense, with more Trojans and more sinister code emerging over the next few days.
Microsoft encourages its customers to follow its recommended security practices, detailed on its Microsoft Security Web Site. Users who believe they have been affected can contact Microsoft's product support team.
Update 1.7.06
Windows has developed a patch to fix the problem. The company should be commended for its quick action. The fix has been verified by John Gibson and there are no interactions between Ilfak's patch and Microsoft's. If not already installed, go ahead and install Microsoft's fix, then remove Ilfak's. Gibson said that he will personally develop a fix for Windows 9x and ME systems if Microsoft does not act.
Update 1.22.06 Windows 9X Systems
Per Steve Gibson, all Windows 95, Windows 98, Windows SE and Windows ME systems are not vulnerable to the WMF bug and don't need the patch. NT 4 users are vulnerable and should run a suppression utility. Gibson’s free utility Mousetrap allows users to check if their systems have the Windows WMF Metafile image code execution (MICE) vulnerability. You can download this utility at the GRC Web Site.
This page was last modified 17:18, 11 July 2006.