New Windows Exploit
A new windows exploit has been discovered in the wild and the good folks over at Security Focus have a decent amount of information about it. In a nut shell this new exploit takes advantage of the WMF format (Windows Media File) to run malicious code on your computer with the intent to drop spyware or worse on your computer. Simply viewing the file is enough to trigger the exploit.
At this point Microsoft has released a security advisory about the issue, but at this point does not have a solution or patch for the problem. There is a temporary fix for the problem listed at Microsoft.
You need to unregister the affected files. Here are the steps taken from the microsoft website.
To un-register Shimgvw.dll, follow these steps:
1. Click Start, click Run, type “regsvr32 -u %windir%\system32\shimgvw.dll” (without the quotation marks), and then click OK.
2. A dialog box appears to confirm that the un-registration process has succeeded. Click OK to close the dialog box.
Impact of Workaround: The Windows Picture and Fax Viewer will no longer be started when users click on a link to an image type that is associated with the Windows Picture and Fax Viewer.
To undo this change, re-register Shimgvw.dll by following the above steps. Replace the text in Step 1 with “regsvr32 %windir%\system32\shimgvw.dll” (without the quotation marks).
Fey
Update: Microsoft has finally released a patch for this vulnerability.. If you have automatic updates turned on (you really should) then you are probably already patched.. If not, head over to the knowledge base and get the update and install it manually..
Fey