Don't you just love the acronym land? Did you know that there is actually a person at Microsoft whose sole job is to manage the list of acronyms that Microsoft uses (TLA)? If you didn't then please add that to the worthless knowledge you now possess. But why talk about acronyms today? Well, mostly because there is a 0 day exploit of another Microsoft file format that makes your Windows XP system wide-open for hackers if you made some bad decisions. On top of those is still using Microsoft Internet Explorer to surf the Internet – what in the world are you thinking? How many times do you have to stab yourself to bleed to death? If you know the answer to that please download Firefox today and say goodbye to IE-borne online threats. The second mistake, perhaps, is not updating the Firefox you already have installed on your computer. If you are running Firefox 1.0.4 or earlier on Windows you are still vulnerable (though you'll have to hold the knife and push in order to impale yourself in that scenario). So if you use Firefox remember that its not made out of titanium, its software, and software is broken no matter who writes it. So upgrade Firefox to 1.5 if you already have not. Now on to the actual knife – the 0 day exploit in WMF. WMF is a windows metafile format and pretty much only used by Office to store clipart and such. Well, today it joins the long line of exploited Microsoft formats that are no longer welcome in any mail system (along with .ico, .bmp, .hlp, etc) so please do not open wmf files, especially from third-party, untrusted web sites. The exploit is currently being used to distribute the following threats: Trojan-Downloader.Win32.Agent.abs Trojan-Dropper.Win32.Small.zp Trojan.Win32.Small.ga Trojan.Win32.Small.ev There is no known patch and you'll be waiting until at least the second Tuesday (patchday) of January to get this fixed so do something about it today. Install Firefox and stop clicking on WMF files! Update: Perhaps you don't have the time to switch your entire client base to Firefox today. Fair enough, Jesper Johansson has a post on how to restrict which extensions can pass through your ISA 2004 firewall. If your office does not have a firewall solution… well, you need to fire your network administrator. It is easy, look at the blog comments, I fired entire Microsoft Internet Explorer team today. Update 2: Ok, this appears to be a very sensitive subject for a lot of people, judging by the amount of you that have chosen to contact me. So let me come out one more step. Jokes aside. Folks, don't be afraid of the comments, what you say to me is between you and me, what you post in the comments is seen by everyone. If you feel strongly about something, VOICE it. Remember that the IE team dropped all development of Macintosh version of IE, then outright said it would not develop anything for XP anymore and everyone would have to upgrade to Vista, then they slacked away on security work and instead focused on visual issues while they got spanked on features by Firefox (which is why I switched) and finally its frequent posts like this one pointing to it. The Internet Explorer team needs to be punished, severely, for slacking away and compromising your computer and data security. This is not the case with almost any other Microsoft product. Will Bill fix it? Not as long as you continue to take it and not vote with your feet or at the very least tell them you are not happy with the risk they are placing on your computer. Step back, compose your thoughts and feelings and ask yourself one very simple question: If the manufacturer of your front door lock saw web sites giving away the key to your door, would you wait 2 weeks (Patchday, second Tuesday of January) or over a year (Windows Vista) to change that lock?
Whats on Vlad’s Mind?For the less coherent, more grammatically correct realtime insight, follow me on Twitter at @vladmazek or on Facebook.
20 Responses to WTF is a WMF?