Advertisement
Promo

Security threats Toolkit

Exploit targets hole in Windows

Elinor Mills ZDNet.co.uk

Published: 29 Dec 2005 10:10 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

A new Trojan horse program was infecting PCs on Wednesday, exploiting a hole in Windows systems to sneak onto computers, then dropping adware or spyware or turning them into zombies, according to several Internet security companies.

The Trojan, dubbed Exploit-WMF (Windows Meta File), was rated a category 2 level risk, meaning it had the potential to continue to spread, said Dave Cole, director of security response at Symantec.

The exploit "is misusing a function in the WMF library in Windows," dropping onto the machine a downloader Trojan "that pulls down its big brother, a more sophisticated Trojan" from a server on the Internet, he said.

"Then it might try to pull down adware, spyware or a bot program," that can turn the computer into a zombie to be used for attacking other machines or sending spam, or just leave a hole on the computer through which sensitive data could be stolen, Cole said.

Kaspersky Lab rated the vulnerability "highly critical" and predicted that "new modifications of these programs may well appear in the near future."

The WMF vulnerability affects computers running Windows XP with service pack 1 and service pack 2, as well as Windows Server 2003 with service pack 0 and service pack 1. It can be exploited when an Internet Explorer user, or Firefox user under certain circumstances, visits a Web site that has malicious code on it or when a user previews .wmf format files with Windows Explorer, Kaspersky said in a statement.

The WMF library allows the computer to handle particular image types of Windows machines, Cole said. There is no patch for it yet from Microsoft, although antivirus vendors had released software to help protect against it, he said.

"Microsoft is investigating new public reports of a possible vulnerability in Windows and will continue to investigate the reports to help provide additional guidance for customers," a Microsoft spokesperson wrote in an e-mail. "Upon completion of this investigation, Microsoft will take the appropriate action to protect customers, which may include providing a fix through the monthly release process or issuing a security advisory, depending on customer needs."

Windows users can get more information about security issues at http://support.microsoft.com/security.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
84 out of 155 people found this useful


In association with Network Liberation Movement

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:




Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

DNA details of innocent will be kept f...

The government has announced that it plans to keep innocent people's DNA details for up to six years. In response to a consultation it launched last December, the government said... More

5 comments

Motorola Droid Drops Today: Happy Droi...

Motorola Droid Drops Today: Happy Droid Day America! Author: Eric Everson, Mobile Security Expert If you’re wondering what all of the buzz is about with words like Droid and Android... More

Post a comment

Mobile Security Profile: BlackBerry St...

Mobile Security Profile: BlackBerry Storm2 Author: Eric Everson BlackBerry handsets are a staple of office culture; from syncing calendars to sharing business-related data,... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters