ThinkBlog

If you’ve been watching the tech news lately, you know about the WMF vulnerability of Windows that has existed since versions hailing back as far as Windows 95 and before. Microsoft claims this is a feature, not a bug, but a group of hackers have published proof-of-concept code exploiting the feature by which a file ending in .wmf can be executed remotely and hidden as an image.

Ilfak Guilfanov at HexBlog has a hotfix available until Microsoft comes out with their own fix; but of course, that would mean they’d have to admit guilt on the matter, I suppose.

UPDATE: Microsoft’s own fix is out! See “Microsoft Security Bulletin MS06-001: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919)”.

If you’ve been watching the tech news lately, you know about the WMF vulnerability of Windows that has existed since versions hailing back as far as Windows 95 and before. Microsoft claims this is a feature, not a bug, but a group of hackers have published proof-of-concept code exploiting the feature by which a file ending in .wmf can be executed remotely and hidden as an image.

Ilfak Guilfanov at HexBlog has a hotfix available until Microsoft comes out with their own fix; but of course, that would mean they’d have to admit guilt on the matter, I suppose.

UPDATE: Microsoft’s own fix is out! See “Microsoft Security Bulletin MS06-001: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919)”.