Well, Microsoft has once again managed to screw their customer base over again. Apparently, there is a new series of WORMs going around that exploit a security hole in the WMF image file format. WMF stands for Windows Meta File, and was originally a Microsoft-proprietary graphic image file format. I won’t say what I think WMF stands for…
This is what Winn Schwartau says about it on his blog:
THIS IS SERIOUS FOLKS…
If there was EVER a time to get nervous, this is it. If you use a WinTel machine made anytime since, say, ah… forever… you could be in big trouble. No kidding or FUD here.
The new WMF Worm/Virus is really nasty… and you guys better get clear on what to do! (Microsoft AIN’T gonna help you… until next week! That’s like having a broken transmission in your car, yet you’re supposed to still drive it while the automaker decides if it’s important enought to fix.)
Merely clicking on an IMAGE can infect your computer with spyware, adware or whatever else the malicious hacking types come up with.
(BTW: Mac folks? Ignore this… unlesss you want to warn your WinTel friends!)
Well, this is one of the very reasons I’ve been using a Mac PowerBook as my primary computer for almost four years now. I just got tired of having to deal with all the problems that occur when you rely on a Wintel box–viruses, trojans, spyware, BSODs and other problems. My Mac just works.
The really criminal part of all of this is Microsoft’s attitude about a security hole that is so potentially dangerous. They aren’t willing to release a patch for the problem until their next security update, on January 10th. Also, many home users fail to get many of the patches on a timely basis, if at all.
Fortunately, the security folks have come up with a patch for it. You can get it over at Steve Gibson’s website, www.grc.com. Winn recommends that you go and get the patch (not a Microsoft patch BTW) and check your firewall using their Shields Up service. I’d agree, as I’ve been recommending Steve Gibson’s most excellent site to my friends for years.
He also advocates using FireFox instead of Internet Explorer. This is something I’ve been recommending for my friends and family for years as well. Having the browser too tightly integrated in to the operating system has been a problem since IE 3.0, where the idiots over at Microsoft introduced ActiveX controls for their browser.