Exploit.WMF
Category: Trojan
Risk:
Severe Risk
* Severe threats typically are remotely exploitable vulnerabilities, which can lead to system compromise. Successful exploitation does not normally require any interaction and exploits are in the wild. There exists a high possibility of potential system damage or security flaw. Attacker has complete control over your computer or install new software on your machine.
Description: Exploit.WMF is a Windows Meta File, a graphics file format, that has been altered to contain malicious code in order to infect the victim's computer though an exploit. The exploit takes place through a vulnerability in all unpatched versions of Windows XP, Windows 2000, and Windows 2003. Older versions of Windows may be affected under certain circumstances. The infected WMF files are being distributed by various websites, by email, Instant Messaging links and possibly by infected banner ads. An unprotected user will be infected by visiting a web page or clicking on an email attachment with the infected files. Once on the victim's computer, the infected WMF file spawns other malware files that contact the internet and download spyware, adware, and potentially unwanted anti-spyware programs that falsely report malware found on the computer and demand payment to remove it. Other malware including backdoors, password stealers, keyloggers and spam bots may be installed during the exploit. The victim's computer may become under the control of a remote attacker. Microsoft issued a critical update for this vulnerability on January 5, 2006. The patch is for all versions of Windows XP, Windows 2000 and Windows 2003. The patch will not remove infected files from a victim's computer.
Alias: None
Signatures: None Listed
Copyright @2006 THR Computer Solutions: Exploit.WMF