I have no idea WTF a WMF file is, but the basic gist is your Windows PC can get very severely hacked simply by visiting a website or opening an e-mail containing a trojaned image file. The exploit was discovered in the wild on Dec 27 but I wasn’t keeping up with geek news over the holidays.
Technical explanation here. A third party patch, unsupported by Microsoft but blessed by security experts, available here. Expert advice is to use the patch until MS releases an official version scheduled to be available on Jan 10. The makeshift patch uninstalls easily.
You might want to practice safe sex on the net for the time being. Porn sites are notorious for spreading computer viruses. Also, there’s a rumor it’s spreading via MSN too. Banner ads from a malware-for-profit company called Exfol are reported to be infected.
It would be a very good idea to make sure your anti-virus software is up to date. If you’re surfing commando or stopped paying for virus definition updates long ago, AVG Anti-Virus is free and trustworthy.
Hey – I know that one – it is a Windows Metafile..a graphics format. I also know what WTF is – want me to explain that one, too?
More good coverage on Steve Gibson’s Security Now! podcast show notes page: http://www.grc.com/sn/notes-020.htm