SANS has reports of a Windows exploit related to the Windows Graphics Rendering Engine which looks very serious.  The exploit uses a malformed Windows Meta File (WMF) image to drop a fake antispyware/antivirus application onto the system.  This works on fully patched Windows XP systems running SP2.

This is a very serious vulnerability and it again puts Windows users at risk when visiting websites. 

This affects Internet Explorer, Firefox and Opera users.

EDIT

------------------------------------------

There is now a possible workaround for the vulnerability:

• Click on Start > Run.
• Type:
  regsvr32 /u shimgvw.dll
• Click OK
• Click OK again when the dialog appears.

Note that this can have an effect on the display of some thumbnails in Windows.

More coverage at Security Fix and the SunBelt blog here and here.

Technorati Tags: Windows Meta File, WMF, Windows XP, SP2, Internet Explorer, Firefox, Opera

This entry was posted on Wednesday, December 28th, 2005 at 08:25 and is filed under Stay Secure. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.