“Really bad” security exploit

Sunbelt Software blog has details of a rather horrible security exploit that’s already out in the wild. As Ed Bott puts it:

This is a zero-day exploit, the kind that give security researchers cold chills. It works by exploiting a weakness in the Windows engine that views graphics in the Windows Metafile (WMF) format. You can get infected by simply viewing an infected WMF image.

Ed also has details on a workaround fix that I’d advise everyone to use. Ironically, it appears that Firefox is safe – not because it’s better, but because there’s a bug in the way it handles Windows Metafiles!

According to F-Secure, so far it’s being exploited by a handful of sites, mostly in Russia. For the time being, steer clear of untrusted sites. There’s some reaction from Microsoft here.