Windows Meta Files, or those ending in .wmf...Watch out ...

Help and Discussion

Moderator: The Mod Squad

Windows Meta Files, or those ending in .wmf...Watch out ...

Postby tonycarr » Wed Dec 28, 2005 12:41 pm

Be aware , some sort of FAKE anti virus screen claiming to clean your rig can infect you , even on AV protected winXP sp2 machines . Link to story below ...


http://blogs.washingtonpost.com/securit ... lease.html
E Pluribus Unum
tonycarr
Black Belt 2nd Degree
Black Belt 2nd Degree
 
Posts: 2218
Joined: Fri Dec 28, 2001 12:00 am
Location: SouthEastern , USA

Postby evasive » Wed Dec 28, 2005 3:15 pm

8O

made this into a sticky...
Last edited by evasive on Wed Dec 28, 2005 10:55 pm, edited 1 time in total.
We hate rut, but we fear change.
********************************
System error, strike any user to continue...
evasive
Mobo-fu Master
Mobo-fu Master
 
Posts: 36876
Joined: Sun May 06, 2001 12:01 am
Location: Netherlands

Postby DAVE1 » Wed Dec 28, 2005 3:50 pm

I wonder what it acutally looks like

are there any pictures of it yet ?
Join team 33258 today!!
DAVE1
Mobo-fu Master
Mobo-fu Master
 
Posts: 7699
Joined: Sat May 14, 2005 11:49 am

Postby tonycarr » Wed Dec 28, 2005 8:18 pm

DAVE185 wrote:I wonder what it acutally looks like

are there any pictures of it yet ?


Link below to a typical look but the article reads it can change ...

http://www.websensesecuritylabs.com/ale ... lertID=385
E Pluribus Unum
tonycarr
Black Belt 2nd Degree
Black Belt 2nd Degree
 
Posts: 2218
Joined: Fri Dec 28, 2001 12:00 am
Location: SouthEastern , USA

Postby DAVE1 » Thu Dec 29, 2005 7:13 am

i doubt I would believe one of those but now I can tell other people about it
Join team 33258 today!!
DAVE1
Mobo-fu Master
Mobo-fu Master
 
Posts: 7699
Joined: Sat May 14, 2005 11:49 am

Postby kltsin » Tue Jan 03, 2006 1:32 pm

This exploit is currently billed as the worst infection in history. It can hide rootkits, it can even hide itself.

Heres a temporary fix for this exploit until MS gets one

Info and download link can be found here
After installing a restart is in order.

Here is a checker to see if your still vulnerable
http://castlecops.com/a6438-Hot_off_the ... ecker.html
kltsin
Black Belt 2nd Degree
Black Belt 2nd Degree
 
Posts: 2792
Joined: Tue Jun 29, 2004 9:05 am
Location: St. Augustine, Fl

Postby evasive » Thu Jan 05, 2006 10:13 pm

Official patch is released before the monthly batch:
http://www.microsoft.com/downloads/deta ... layLang=en
We hate rut, but we fear change.
********************************
System error, strike any user to continue...
evasive
Mobo-fu Master
Mobo-fu Master
 
Posts: 36876
Joined: Sun May 06, 2001 12:01 am
Location: Netherlands

...it's not even Tuesday yet ...

Postby tonycarr » Fri Jan 06, 2006 6:39 am

I wonder if ms made a patch for win98 ,me & 2000 ? on this one as well ? as xp ? From what I read of it , it affected the other ms os's too.
E Pluribus Unum
tonycarr
Black Belt 2nd Degree
Black Belt 2nd Degree
 
Posts: 2218
Joined: Fri Dec 28, 2001 12:00 am
Location: SouthEastern , USA

Re: ...it's not even Tuesday yet ...

Postby mitsubishi » Fri Jan 06, 2006 6:51 am

tonycarr wrote:I wonder if ms made a patch for win98 ,me & 2000 ? on this one as well ? as xp ? From what I read of it , it affected the other ms os's too.

No: http://news.com.com/2061-10789_3-6020645.html
Well not for 98 and me anyway. There's no proof they are vunerable anyway, the exploits known don't appear to work.
mitsubishi
Green Belt
Green Belt
 
Posts: 171
Joined: Mon Sep 13, 2004 6:08 am
Location: UK

Re: ...it's not even Tuesday yet ...

Postby EmilyB » Fri Jan 06, 2006 7:00 am

tonycarr wrote:I wonder if ms made a patch for win98 ,me & 2000 ? on this one as well ? as xp ? From what I read of it , it affected the other ms os's too.


http://www.microsoft.com/technet/securi ... 6-001.mspx

Are Windows 98, Windows 98 Second Edition, or Windows Millennium Edition critically affected by one or more of the vulnerabilities that are addressed in this security bulletin?No. Although Windows 98, Windows 98 Second Edition, and Windows Millennium Edition do contain the affected component, the vulnerability is not critical because an exploitable attack vector has not been identified that would yield a Critical severity rating for these versions. For more information about severity ratings, visit the following Web site.
EmilyB
 

Next

Return to Virus/Spyware/Security

Who is online

Users browsing this forum: No registered users and 0 guests