If you’ve read any security sites over the past week, you know about the zero day Windows Meta File vulnerability.
Well it keeps getting worse. Kaspersky reports that there is now a MSN Messenger worm that sends a link to a wmf exploit file. When you follow the link the exploit runs a vbs script to install a bot. Have a nice day.
They also say it is possible to exploit this vulnerability even if shimgvw.dll has been removed from the system. They say that disabling and then removing the dll provides a large measure of protection, but dont think you are safe.
It keeps getting worse. Is anyone else waking up at night thinking about this?