WMF Exploit FAQ

There is a lot of public information available right now on the WMF Exploit and workaround patches. This article will attempt to answer some basic questions surrounding the WMF Exploit and those patches, including why Microsoft is waiting to release their official patch on January 10th, and rumors of an early MS patch Internet leak.

  1. What is WMF?
    Microsoft defines WMF as the Windows Metafile, a 16 bit metafile image format contained both vector and bitmap data.

  2. What is the issue with WMF?
    The WMF image is a little different from other images, it can call external procedures — one of which can execute code.

  3. How can I get the WMF Exploit?
    The answer to this varies right now, however, one thing is certain, you can get the exploit by visiting an infected web page. Others suggest it can arrive thru email attachments, instant messaging, Lotus Notes, the list goes on.

Continued in full here.

Leave a Reply

Your email address will not be published. Required fields are marked *