Security alert AL-2005.0043 [Windows]
A Windows Security Advisory (912840) suggests there is a file handling
security flaw affecting the following Windows operating systems:
- Windows XP SP2 and prior [i.e., the latest and fully patched Windows OS]
- Windows 2000 SP4 and prior
- Windows Server 2003 SP1 and prior
- Windows 98
- Windows ME
This flaw is being actively exploited on the Internet. Here are some
things you can do to help keep your Windows computer safe:
- Don't click links in unsolicited e-mail (it is hoped few people nowadays
would do so anyway, as this is an extremely risky practice).
- Don't open WMF files if you don't know or trust the source.
- Don't browse to suspect sites (including crackz.ws, unionseek.com,
tfcco.com, iframeurl.biz, beehappyy.biz).
Considerations
- This flaw means that opening a WMF image file in Internet Explorer or Mozilla Firefox may
trigger execution of arbitrary code, leading to a system compromise at the
privilege level of the user (e.g., if you have Administrator privileges
then the compromise will unfortunately be at the Administrator level).
- As of this writing, there is no Microsoft patch that fixes this
vulnerability.
Keeping your Antivirus definitions up to date and using Windows
Update to automatically patch your computer are among Microsoft's
recommendations. It is hoped Microsoft will soon provide a patch for this
flaw.
Links
Microsoft Security Advisory 912840
http://www.microsoft.com/technet/security/advisory/912840.mspx
AusCERT Alert AL-2005.0043
http://www.auscert.org.au/5872
Would you like to know more?
Contact Physics IT Support at help@phys.unsw.edu.au
if you'd like further details.