Monday, January 02, 2006

Business impact of the MS Windows WMF vulnerability

If you haven't yet heard, hackers are beginning to exploit a zero-day flaw in the way Microsoft operating systems handle Windows Metafile Format (WMF) files, and malware exploiting this vulnerability is already circulating in the wild. As of this writing, Microsoft has not yet released a fix, but there are temporary workarounds available.

At Computer Economics, we've written a short research byte on the likely economic impact of such malware events on businesses.

Read it here: Microsoft WMF Vulnerability: Business Impact


Anonymous said...

For any company with a competent IT staff (or outside consultant) this should be a non-issue. It is easy to block WMF files. I cannot think of a legitimate business use for a WMF files, but certainly management by exception is a possiblity too.

Frank Scavo said...

Unfortunately, it is NOT a simple matter to block WMF files, because MS operating systems detect and process WMF files based on the internal format, not the filetype. So a malware author can simply change the filetype WMF to JPG and he's in.