Thursday, January 5, 2006

Windows Vulnerability Spreads Via IM

The latest Microsoft Windows vulnerability, a hole in Microsoft's handling of Windows Meta File (WMF) data, is spreading by instant messaging, according to the SANS Institute, a computer security monitoring organization. Microsoft has been caught off guard by this latest attack on the Windows operating system, and has said that it will issue a patch on the 10th, although there are worms spreading now using the vulnerability. The vulnerability takes advantage of the way that Windows displays graphics files, and allows attackers to take control of a user's computer simply by viewing a graphics file. San Diego-based instant messaging firewall provider Akonix Systems also reports that there is a worm spreading via instant messaging which takes advantage of the vulnerability, IM-Worm.Win32.Kelvir.WMF.A.