[unisog] 0-day Windows Metafile Defect Being Exploited

Christian Wagner wagnerck at mail.utexas.edu
Thu Dec 29 02:27:22 GMT 2005

Gary Flynn wrote:

> In case you haven't seen it yet....
> <http://www.jmu.edu/computing/security/#wmf>

More details:


Status of some common AV software's detections:


This is very ugly. To quote one source:

"The thumbnail view in Windows Explorer will parse the graphics files in a 
folder, even if the file is never explicitly opened. This is enough to trigger 
the exploit. Even more frightening is that you don't have to use the thumbnail 
view for a thumbnail to be generated. Under some circumstances, just 
single-clicking on the file will cause it to be parsed."

Christian Wagner - Microcomputer Applications Specialist
Department of Germanic Studies - University of Texas at Austin
wagnerck at mail.utexas.edu - (512) 232-6353

More information about the unisog mailing list