Images: Sites infected with WMF Trojan

1 of 6
  • hiding places

    hiding places

    A flaw in some versions of Microsoft Windows Meta File is spawning attacks ranging from worms to spam, security experts have warned. The Windows Meta File flaw uses images to execute arbitrary code, according to a security advisory issued by the Internet Storm Center.

    Websense Security Labs has posted some examples of sites that appear to have been compromised. This is a Dutch example.

    Caption by: Bill Detwiler

  • infected site

    infected site

    A vulnerable Windows system could become infected if someone just views what appears to be a malicious image on this compromised Web site, according to Websense's posting.

    Caption by: Bill Detwiler

  • infected site

    infected site

    Another example. Mikko Hypponen, chief research officer at F-Secure, estimates that 99 percent of computers worldwide are vulnerable to an attack using the WMF flaw.

    Caption by: Bill Detwiler

  • infected site

    infected site

    Websense, which has been tracking malicious activity around the flaw, says it has discovered malicious sites in the United States, Russia, Netherlands, the United Kingdom, China and Japan.

    Caption by: Bill Detwiler

  • infected site

    infected site

    Microsoft has said it plans to release a fix for the WMF vulnerability as part of its monthly security update cycle on Jan. 10.

    Caption by: Bill Detwiler

  • Knoppix behavior

    Knoppix behavior

    This is how a machine running Knoppix, a version of Unix, behaves when a malicious Web site is visited using the open-source Firefox browser. It alerts the Web surfer that a file is being opened.

    Caption by: Bill Detwiler

1 of 6

Here are some Web sites that have been stricken with the WMF Trojan.

Read More Read Less

hiding places

A flaw in some versions of Microsoft Windows Meta File is spawning attacks ranging from worms to spam, security experts have warned. The Windows Meta File flaw uses images to execute arbitrary code, according to a security advisory issued by the Internet Storm Center.

Websense Security Labs has posted some examples of sites that appear to have been compromised. This is a Dutch example.

Caption by: Bill Detwiler

1 of 6

Related Topics:

Security Security TV Data Management CXO Data Centers

Related Galleries

    • 1 of 3

  • Apricorn Aegis Secure Key 3NXC

    The new Aegis Secure Key 3NXC builds on Apricorn's Secure Key 3z and Aegis Secure Key 3NX, taking the same proven form-factor and physical keypad, and adding something that users have ...