12.28.05 13:07 GMT
| comments (2)
Status : moderate risk
Kaspersky Lab has raised its alert level to yellow. This is because several Trojan programs which exploit the new Windows Meta File vulnerability have been detected in the wild.
The vulnerability itself is regarded as extremely critical (the highest possible rating). As yet, there is no patch for this vulnerability.
Computers running Windows XP with SP2, Windows XP with SP1, and Microsoft Windows Server 2003 SP0/SP1 are affected by this vulnerability.
The vulnerability functions in Internet Explorer, and may function in Firefox if certain conditions are met.
The programs detected by Kaspersky Lab which exploit this vulnerability are Trojan-Downloaders, which install other Trojan programs on the victim machine. At the moment, Trojan programs are being downloaded from unionseek.com and iframeurl.biz. New modifications of these programs may appear.
Antivirus database updates which include detection for these Trojan programs have been released. Users are strongly recommended to update antivirus databases on a regular basis.
We also strongly recommend that users do not open files with a *.wmf extension and set their Internet Explorer security settings to 'High'.
More information about the vulnerability is available at:
http://secunia.com/advisories/18255/ and
http://www.securityfocus.com/bid/16074/info
