• IDP Daily Update #1278
  posted: 10/07/08
  
• NSM Daily Update #1278
  posted: 10/07/08
  
• Deep Inspection 5.3r5 and above, 5.4, 6.0 #1278
  posted: 10/07/08
  
• Deep Inspection 5.1, 5.2, 5.3r4 and below #1274
  posted: 10/07/08
  
• Deep Inspection 5.0 #1132
  posted: 04/01/08
  
• Antivirus
  posted: 10/07/08

Text Size:        

• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Windows Meta File Vulnerability

28 Dec 2005 16:07:00 +0300

Kaspersky Lab has raised its alert level to yellow. This is because several Trojan programs which exploit the new Windows Meta File vulnerability have been detected in the wild.

The vulnerability itself is regarded as extremely critical (the highest possible rating). As yet, there is no patch for this vulnerability.

Computers running Windows XP with SP2, Windows XP with SP1, and Microsoft Windows Server 2003 SP0/SP1 are affected by this vulnerability.

The vulnerability functions in Internet Explorer, and may function in Firefox if certain conditions are met.

The programs detected by Kaspersky Lab which exploit this vulnerability are Trojan-Downloaders, which install other Trojan programs on the victim machine. At the moment, Trojan programs are being downloaded from unionseek.com and iframeurl.biz. New modifications of these programs may appear.

Antivirus database updates which include detection for these Trojan programs have been released. Users are strongly recommended to update antivirus databases on a regular basis.

We also strongly recommend that users do not open files with a *.wmf extension and set their Internet Explorer security settings to 'High'.

More information about the vulnerability is available at:
http://secunia.com/advisories/18255/ and
http://www.securityfocus.com/bid/16074/info