How Serious Is the WMF Vulnerability?

Opinion: Pretty serious, but it's not end of the world stuff. Lucky for us a white knight came along with an excellent interim solution.

Depending on where you look, most people are either running in circles hysterically or ho-humming the Windows WMF vulnerability.

It does have some of the earmarks of a nasty situation. For one thing, if youre running Windows—any version—youre vulnerable. Even the 1990 version of Windows 3.0 is vulnerable!

While you were out partying this weekend I was reading security discussion lists and testing malware (yes, I know, my wife wants me to seek help for this problem too). Some respected people out there think this is one of the all-time bad ones.

/zimages/2/28571.gifFor advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internets Security IT Hub.

On the other hand, its Monday morning, Jan. 2, and none of the major anti-virus has a serious alert up. McAfee, Symantec, Trend and Panda all show no alarm, and the ones that have a general level of alertness are all showing a low level. Panda can usually be counted on for some hysteria at a time like this, and Computer Associates doesnt even seem aware of the threat on its site.

There is F-Secure, who is showing a Level 2 (out of 3) alert. F-Secure has been on top of this situation from the very beginning, and perhaps it is the only one with staff working to update its site over the holiday.

Well, thats getting a little too mean. As I pointed out in an earlier piece, actual testing of 73 variants of this threat shows excellent protection common among anti-virus vendors. As of Saturday morning, the 100 percent list included AntiVir, Avast, BitDefender, ClamAV, Command, Dr Web, eSafe, eTrust-INO, eTrust-VET, Ewido, F-Secure, Fortinet, Kaspersky, McAfee, Nod32, Norman, Panda, Sophos, Symantec, Trend Micro and VirusBuster. If youre a user of one of these products and you keep your anti-virus updated, odds are good that youre protected against any exploits youre likely to see.

/zimages/2/28571.gifClick here to read more from Larry Seltzer on the WMF flaw.

And as one of the anti-virus vendors pointed out to me, there may be dozens of variants out there and a first attempt at an IM worm, but there is no major attack yet. In other words, there may be a major vulnerability, but there is no major exploit, and youre unlikely to encounter one unless you spend a lot of time on porn sites or already are running adware.

Next page: There are worse attacks than this.