Wednesday, January 04, 2006

The Sky is Not Falling

Wait for Windows patch opens attack window (Tech News on ZDNet):
"A serious flaw in Windows is generating a rising number of cyberattacks, but Microsoft says it won't deliver a fix until next week.

That could be too late, security experts said. The vulnerability, which lies in the way the operating system renders Windows Meta File images, could infect a PC if the victim simply visits a Web site that contains a malicious image file. Consumers and businesses face a serious risk until it's fixed, experts said.

"This vulnerability is rising in popularity among hackers, and it is simple to exploit," said Sam Curry, a vice president at security vendor Computer Associates International. "This has to be taken very seriously, and time is of the essence. A patch coming out as soon as possible is the responsible thing to do."

Microsoft has come under fire in the past for the way it releases security patches. The company has responded in the past by instituting a monthly patching program, so system administrators could plan for the updates. Critics contend that in high-urgency cases such as the WMF flaw, Microsoft should release a fix outside of its monthly schedule.

Details on the WMF security problem were publicly reported last week. Since then, a number of attacks that take advantage of the flaw have surfaced, including thousands of malicious Web sites, Trojan horses and at least one instant messaging worm, according to security reports.

More than a million PCs have already been compromised, said Andreas Marx, an antivirus software specialist at the University of Magdeburg in Germany. He has found a hidden Web site that shows how many copies of a program that installs malicious software have been delivered to vulnerable PCs.

Microsoft has said that a patch will not be made available until Jan. 10, its next official patch release day. That delay could provide an opportunity for attackers, security provider Symantec said on Tuesday."

The sky is not falling. Most major antivirus programs detect and block this vulnerability. The file has to be opened, and it isn't a standard file the browser automatically opens.

from <http://www.eweek.com/article2/0,1895,1907131,00.asp>
AV-Test, which tests anti-malware products, has been tracking the situation closely and has, so far, analyzed 73 variants of malicious WMF files. Products from the following companies have identified all 73:

  • Alwil Software (Avast)
  • Softwin (BitDefender)
  • ClamAV
  • F-Secure Inc.
  • Fortinet Inc.
  • McAfee Inc.
  • ESET (Nod32)
  • Panda Software
  • Sophos Plc
  • Symantec Corp.
  • Trend Micro Inc.
  • VirusBuster

There are workarounds and common sense that can keep you safe until Patch Tuesday, but nothing can protect you from your own bad habits. We've got to stop clicking on links when we don't know the consequences. When in doubt, click the close button.

http://news.zdnet.com/2100-1009_22-6016747.html?tag=nl.e539