The WMF worm has arrived.
We heard about it here first on Dec 27th.
The title of this article just about sums it up
"WMF 0-day: Exploit spreads, defenses few"
Talk about an equal opportunity vulnerability.
You are screwed using MSIE, Firefox or Opera.
Equally (even more so perhaps) if you use MSN to chat.
I lack time to provide any commentary on this right now but I wanted to pass on the following link (for informational purposes only).
If every I have seen a case for responsible disclosure ...
Comments (1)
Nasty.....
I wish all exploit writers took a vacation during the holidays. However, it's quite brilliant from their standpoint. Everyone is home right now and a lot of them are online doing their shopping and reading their e-mail. I think if it came out just before the Christmas rush that it would probably be worse, but now is almost just as bad. They get to maximize their worm exposure...
However, just wait until tomorrow when many companies start up again. What is an admin of a company with 30000 employees going to do? A lot of users have probably brought their laptops home, so that's another worm entry point that's going to cause problems. Most of the admins won't be able to:
A) Install the patch on the computers that they control.
B) Be allowed (via policy) to install a 3rd-party patch (Even though it is endorsed by the ISC).
I don't want to be them tomorrow......I raise a toast to all of them because it's gonna be a bad bad day.
Posted by rpoppa | January 1, 2006 5:12 PM
Posted on January 1, 2006 17:12