Word is spreading that a WMF exploit is spreading. I don’t want to take any chances so I’ve followed the advice given in this eWeek article as well as on NeoWin.net.
Warning: This workaround requires a change to the registry. If you are not comfortable with making this change, don’t do it. In addition, once you make the registry change, image previewing won’t work. You can restore the Windows feature per the instructions in the eWeek article.
The big concern here is that your machine can be infected by simply visiting a site that has been compromised.
The workaround(s) mentioned in the articles linked above are possibly not foolproof, but they are the best that anyone has come up with yet. I’m watching the Microsoft Security Response Center Blog here for any additional info.
Loren: Your readers need to know that the command-line fix referenced in the eWEEK and NeoWin articles is apparently the only safe fix. The eWEEK article also points to prebuilt registry keys posted by Jerome Athias on the Full Disclosure mailing list. These registry files do not protect your PC according to research conducted by ZDNet’s George Ou:
http://blogs.zdnet.com/Ou/?p=143&part=rss&tag=feed&subj=zdblog
Thanks for the Heads Up!
Thanks Marc! My writing wasn’t clear enough. The command line fix is the best we have right now.