Got this from another forum: Brief: A flaw in Microsoft's Windows Meta File has spawned dozens of attacks since its discovery last week, security experts warned Tuesday. The attacks so far have been wide-ranging, the experts said, citing everything from an MSN Messenger worm to spam that attempts to lure people to click on malicious Web sites. The vulnerability can be easily exploited in Windows XP with Service Pack 1 and 2, as well as Windows Server 2003, security experts said. Older versions of the operating system, including Windows 2000 and Windows ME, are also at risk, though in those cases the flaw is more difficult to exploit, said Mikko Hypponen, chief research officer at F-Secure. "Right now, the situation is bad, but it could be much worse. The potential for problems is bigger than we have ever seen," Hypponen said. "We estimate 99 percent of computers worldwide are vulnerable to this attack." The Windows Meta File flaw uses images to execute arbitrary code, according to a security advisory issued by the Internet Storm Center. It can be exploited just by the user viewing a malicious image. Microsoft is still working on a fix for a serious flaw in its OS, leaving people to face a week of increasingly sophisticated attacks. In absence of a fix from Microsoft, security experts advise companies to use unauthorized fix for latest WMF flaw. You can download a checker and fix by Ilfak Guilfanov. For those that don't know him. He's the main author of IDA (Interactive Disassembler Pro) and is arguably one of the best low-level Windows experts in the world. Download from his blog site http://www.hexblog.com/index.html About Ilfak Guilfanov http://www.hexblog.com/about.html I checked my PC before and after. Mine was open to attack
