RealNews

WMF flaw can’t wait for Microsoft fix, researchers say

Users of the Windows OS should install an unofficial security patch now without waiting for Microsoft Corp. to make its move, security researchers at The SANS Institute’s Internet Storm Center (ISC) advised yesterday. Their recommendation follows a new wave of attacks on a flaw in the way versions of Windows from 98 through XP handle malicious files in the WMF (Windows Metafile) format. One such attack arrives in an e-mail message entitled “happy new year,” bearing a malicious file attachment called “HappyNewYear.jpg” that is really a disguised WMF file, security research companies including iDefense Inc. and F-Secure Corp. said. Full Story

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.