Windows WMF patch

If you’re trying to find the Windows vulnerability patch at the original location, you can’t. It got pounded into oblivion by a zillion hits.

Fortunately, the patch has been mirrored and is available at Sunbelt and CastleCops.

Here’s our original post. You NEED this patch if you run Windows.


Windows metafile hole requires unofficial patch (from the always useful Windows Secrets)

I don’t ordinarily publish a news update for every new Windows security threat that appears.

The new "WMF Metafile" vulnerability is different:

It can infect your PC if you merely view an image formatted as a Windows metafile on a Web page, in an e-mail attachment, or on your hard disk. 

Every browser is vulnerable — IE, Firefox, Opera, and others — because the image is not being rendered by the browser. It’s rendered by Windows’ own Picture and Fax Viewer.

If your PC catches an infected metafile — perhaps through instant messaging or file-sharing software — the payload can run even if you don’t consciously open or view the image. Google Desktop Search, for example, causes the payload to be executed when the metadata of the image is accessed. If the image is an icon, merely displaying a file directory in certain views of Windows Explorer can silently execute a Trojan.