[Previous entry: "Latest FOX column"] [Main Index] [Next entry: "Protecting your vocal identity"]

12/29/2005 Archived Entry: "Windows MetaFile exploit"

Windows users: if you're using (or thinking of using) Google Desktop, you may want to think again. If you have Google Desktop, the latest Windows exploit can infect your computer even if you simply store the WMF image on your hard drive. According to F-Secure,

Bottom line is that if an image file with the exploit ends up to your hard drive, Google Desktop will try to index it and will execute the exploit in the process. There are several ways such a file could end up to the local drive. And this indexing-will-execute problem might happen with other desktop search engines too.

Anything which automatically executes downloaded content without asking for confirmation is bad news for your computer's security.

I've stopped commenting on most Windows viruses, but this one is particularly nasty...so much so that SANS has raised their Infocon to yellow. It affects all current versions of Windows, including XP SP2, and no fix is available (yet). Merely visiting the wrong web page is all it takes to infect your computer. F-Secure has more info.  —brad

Powered By Greymatter