This is another report on the Windows vulnerability I posted a bit earlier. Suzi Turner of ZDNet.com writes:

…Sunbelt researchers have collected more than 50 variants of the WindowsMetafiles (WMF) and documented a number of domains running this exploit. Email, blog talkbacks, guestbook links, all could be used to spread this infection. In fact, I know someone who got infected by clicking on a user’s homepage link at a forum.

F-Secure detects at least 3 different variants named W32/PFV-Exploit.A, .B and .C. F-Secure also says Google Desktop’s indexing of metadata of image files can cause the infected file to execute, and gives this warning:

Do note that it’s really easy to get burned by this exploit if you’re analysing it under Windows. All you need to do is to access an infected web site with IE or view a folder with infected files with the Windows Explorer.

[Continue reading New zero day exploit seen in the wild]

[tags]f-secure,zero day exploit,suzi turner,sunbelt,metafiles,wmf[/tags]