New IM Worm Exploiting WMF Vulnerability

Windows users should install an unofficial security patch now according to security researchers at The SANS Institute's Internet Storm Center (ISC). Their recommendation follows a new wave of attacks on a flaw in the way versions of Windows from 98 through XP handle malicious files in the WMF (Windows Metafile) format.

One such attack arrives in an e-mail message entitled "happy new year," bearing a malicious file attachment called "HappyNewYear.jpg" that is really a disguised WMF file, security research companies including iDefense and F-Secure. said Sunday. Even though the file is labelled as a JPEG, Windows recognizes the content as a WMF and attempts to execute the code it contains.

Guilfanov published his patch on his website on Saturday.