[Fredslist] [RajGoel] Windows WMF Warning

Raj Goel raj at brainlink.com
Mon Jan 2 18:03:29 EST 2006 

Fellow Gothamites,

 	Welcome to 2006!

There is a nasty bug on the net that hides in windows image files. If you 
open a bad image file in Internet Explorer, it WILL put spyware on your 
PC. Microsoft knows about it, and there is no patch, yet.
   You can read all the gory details at
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1154914,00.html?track=NL-102&ad=537903

To protect your system, as best as can be done, do the following:

1. Use Firefox version 1.5 or newer for all normal web browsing. (Not
IE, not Opera, and not older Firefox - all are vulnerable). Set
Firefox as the default browser.

2. Set Internet Explorer to High security level. This will make some
pages not work right, but you are going to be using Firefox most of
the time, anyway, right?

3. Only use IE for web sites that you absolutely have to, AND that you
can trust as clean, such as microsoft.com.

4. Set your e-mail program to display all e-mail as TEXT ONLY. Do not
display as html or rtf. Yes, I know this means no more font size
changes or bold and underlined or pretty backgrounds or pictures
showing up in the body of the message. That is the point - just
looking at an infected picture in IE or your mail program can infect you.

     When pictures are attached to e-mail, only save and open those that
you are sure you can trust. Remember, nonsense or nonsequitur e-mails
that seem to be from friends can easily be nastygrams. Ask your
friends who send such about each one before opening the pictures.

5. Don't accept image files in any instant message (IM) program.
Looking at the bad pictures in those programs infects the PC, too.

6. Keep your anti-virus subscription paid up, and run the update on it
AT LEAST once a week.

7. Disable desktop indexing programs (Google Desktop, Windows' Indexing, 
etc.)

 	Hope you haven't been infected.  If you have, feel free to give me 
a call.

-- Raj

Rajesh Goel, CISSP
cell (917) 685-7731
CTO: Brainlink International, Inc.
"IT Crisis Management and Solutions"
HIPAA, Sarbanes-Oxley & GLBA Information Security Compliance

More information about the Fredslist mailing list