/>
X

Images: Sites infected with WMF Trojan

Here are some Web sites that have been stricken with the WMF Trojan.
bill-detwiler.png
By Bill Detwiler on
11440.jpg
1 of 6 Bill Detwiler/ZDNet

hiding places

A flaw in some versions of Microsoft Windows Meta File is spawning attacks ranging from worms to spam, security experts have warned. The Windows Meta File flaw uses images to execute arbitrary code, according to a security advisory issued by the Internet Storm Center.

Websense Security Labs has posted some examples of sites that appear to have been compromised. This is a Dutch example.

11441.jpg
2 of 6 Bill Detwiler/ZDNet

infected site

A vulnerable Windows system could become infected if someone just views what appears to be a malicious image on this compromised Web site, according to Websense's posting.

11442.jpg
3 of 6 Bill Detwiler/ZDNet

infected site

Another example. Mikko Hypponen, chief research officer at F-Secure, estimates that 99 percent of computers worldwide are vulnerable to an attack using the WMF flaw.

11443.jpg
4 of 6 Bill Detwiler/ZDNet

infected site

Websense, which has been tracking malicious activity around the flaw, says it has discovered malicious sites in the United States, Russia, Netherlands, the United Kingdom, China and Japan.

11444.jpg
5 of 6 Bill Detwiler/ZDNet

infected site

Microsoft has said it plans to release a fix for the WMF vulnerability as part of its monthly security update cycle on Jan. 10.

11445.jpg
6 of 6 Bill Detwiler/ZDNet

Knoppix behavior

This is how a machine running Knoppix, a version of Unix, behaves when a malicious Web site is visited using the open-source Firefox browser. It alerts the Web surfer that a file is being opened.

Related Galleries

A weekend with Google's Chrome OS Flex
img-9792-2

Related Galleries

A weekend with Google's Chrome OS Flex

22 Photos
Cybersecurity flaws, customer experiences, smartphone losses, and more: ZDNet's research roundup
shutterstock-1024665187.jpg

Related Galleries

Cybersecurity flaws, customer experiences, smartphone losses, and more: ZDNet's research roundup

8 Photos
Inside a fake $20 '16TB external M.2 SSD'
Full of promises!

Related Galleries

Inside a fake $20 '16TB external M.2 SSD'

8 Photos
Hybrid working, touchscreen MacBook hopes, cybersecurity concerns, and more: ZDNet's tech research roundup
Asian woman working at a desk in front of a computer and calculator

Related Galleries

Hybrid working, touchscreen MacBook hopes, cybersecurity concerns, and more: ZDNet's tech research roundup

8 Photos
Developer trends, zero-day risks, 5G speeds, and more: Tech research roundup
Person seated at a booth in a cafe looks at their phone and laptop.

Related Galleries

Developer trends, zero-day risks, 5G speeds, and more: Tech research roundup

10 Photos
Drive Electric Day: A dizzying array of EVs in sunny Florida
ca3b4019-26c5-4ce0-a844-5aac39e2c34b.jpg

Related Galleries

Drive Electric Day: A dizzying array of EVs in sunny Florida

16 Photos
Incipio, Kate Spade, and Coach cases for Samsung Galaxy S22 Ultra: hands-on
s22-ultra-incipio-coach-cases-2.jpg

Related Galleries

Incipio, Kate Spade, and Coach cases for Samsung Galaxy S22 Ultra: hands-on

15 Photos