Friday, May 20, 2022
  • Home

Microsoft “looking into” new image exploit in Windows

December 29th, 2005 by Zack Whittaker

Being the sort of fool that I am (hehe!) I decided to try this one out for myself. You don’t get many people who will openly try and see what different attacks to do a system, but I’m certainly one of them šŸ˜€

There is a new exploit that really is being exploited… a lot, and it targets users of Windows XP Service Pack 2 systems. Not sure if it exploits any other version of XP or not, but either way it’s best to keep careful and your guard up. It’s all about the Windows Metafile (.wmf) files. They are image files and support bitmap data as well as vector graphics.

My friend Paul yesterday sent me a link attached to his server with an affected file in – thank goodness I was in a pretty much blank XP SP2 virtual machine at the time šŸ˜‰ The point of this exploit, is that someone can hide malicious code inside the .wmf file and email it around or even put it on a webpage. All you’ll see is the Windows Picture and Fax Viewer open (if it’s an external file) and it’ll crash. If you see it in Internet Explorer, it’ll crash… but there’s a good chance it’ll let in spyware.

“Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. Microsoft encourages users to exercise caution when they open e-mail and links in e-mail from untrusted sources” Microsoft said.

Quick fix: When opening an image file or a .WMF, right click on the file and select Open With, and then select Paint or if there, Microsoft Office Picture Manager and don’t use the Windows Picture and Fax Viewer.

Remedy: If things go wrong, and you notice your system going slow after an “attack”, the best thing to do is to download Windows Defender (codename AntiSpyware), as although the attack would have hit, you might still be able to remedy things. Download it from:

Live Safety Center: Also try out the Windows Live Safety Center if you have been hit from an attack. It’s in beta, but it’s still pretty good. Check it out at:

Posted in Security, Windows XP | 1 Comment »

This entry was posted on Thursday, December 29th, 2005 at 8:13 am and is filed under Security, Windows XP. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

One Response

  1. Pat Says:

    MSpaint is also affected, good choice telling users to use it to open the wmf.