Windows security alert: WMF vulnerability

In case you haven’t come across this already, a new and highly nasty Windows security flaw has been uncovered in the last few days, and it is being actively exploited to infect Windows machines with rootkits and who knows what else. The flaw can be exploited by merely looking at a particular kind of image (a .wmf file) in Internet Explorer any browser or your mail client. It can even be activated without being viewed, if it happens to get indexed by something like Google Desktop.

I’ve been tracking news about it over on the F-Secure blog. Fortunately, there is a temporary patch available. If you’re running any form of Windows from 2000 upwards, you need to follow these instructions and install the patch right now. The patch doesn’t cover earlier versions of Windows, but the flaw is present in them, too. In fact, it has been there since Windows 3.0.

I don’t normally go into a flap about security issues, but this one has particular resonances with the short story “BLIT” by David Langford, which describes a fractal image that is “incompatible with human neural input”, and can kill you just by looking at it.

Sometimes I look forward to the day when I can access the cybersphere via a hardwired neural connection…and sometimes I just plain worry.

2 Replies to “Windows security alert: WMF vulnerability”

  1. Reminded me a bit of The Cassini Division by Ken McLeod too. They ended up doing everything mechanically, because the Jupiter transmissions crashed anything electronic 🙂

  2. reminds me of that episode of Star Trek TNG when data constructs an impossible shape on the terminal for Hugh the single borg to look at and take back to the collective. (but then they all decide that love will do more damage)

Comments are closed.