This post was published 3 years 10 months 22 days ago.
It\'s is possible that the information within this article is now out of date or updated.

As I’m sure most of you have heard by now, this is a serious problem.  Simply visiting a website with a specially coded .wmf image can infect your PC with a Trojan.  Actual damage to the PC seems minimal at this point, but the code has been publicly posted (confirmed, I’ve SEEN the code) and could be mutated into something more malicious quite easily. 

According to VirusList, this issue exists if the malicious image has been downloaded or (and more importantly) when viewed in Internet Explorer and possibly Firefox (my cross-reference shows Firefox should be safe so long as you don’t choose to open the file).  Of course, you probably already know about this issue and I’m not writing to inform you for the first time.  Microsoft doesn’t have a fix out yet so my advice would be of course prudence in clicking links, but also to download either Opera Internet Browser or Firefox.  Opera won’t make you invulnerable, but it will, like Firefox, prompt you before automatically opening the file, so if you see a .wmf, be careful.  Previously not freeware (it is now), this is a great browser, my personal favorite, featuring tabbed browsing, a built-in RSS feeder, good security, and an overall good layout.  Give it a shot to help keep your machine safe for now and maybe you’ll even like it enough to hang on to.  Also, reports say that setting your IE security level to high can mitigate risks, if you are inclined to stay with IE.  Many antivirus companies are releasing updates concerning this vulnerability, so make sure you’re updated.

As always, download Windows Updates as you see them, keep your Antivirus software up to date, run a software or hardware firewall if at all possible, and be careful what you click.  Hopefully all of our readers will keep this off their machines.  Happy and safe surfing!

Virus info source: CNET News

Chris Leckness (3547 Posts) - Website | Twitter | Facebook

Chris Leckness is the Owner/Administrator of Mobilitysite. He is a Microsoft MVP, Mobile Devices and a member of the exclusive focus group, Mobius. Chris runs a Mobilitysite, GotZune, and a few other smaller sites and blogs. His personal blog is chris.leckness.com.