VERY IMPORTANT! FIREFOX AND IE USERS!

Discussion in 'Off Topic Chat' started by slickhare, Jan 2, 2006.

  1. slickhare

    slickhare TPF Noob!

    Joined:
    Nov 26, 2005
    Messages:
    678
    Likes Received:
    10
    Location:
    cali
    WHAT IS IT?
    There is a new exploit out that uses WMF (windows metafile format) files to infect a computer. All you have to do to get infected is view a webpage that has the image on it, or access an infected image that is on your computer. That means the forums can be a vector for infection too. (In fact, user Blue Reptile has already been permabanned for putting the exploit in his signature.)

    WHO IS VULNERABLE?
    The exploit affects Firefox, Internet Explorer, and any other browser that displayes or downloads the file into the cache on the local machine. The file could also be a WMF renamed to any other image type, or possible other filetypes. Anything that puts the image exploit onto your computer or opens it up in windows fax viewer or the part of windows that generates thumbnails of WMF files is a vulnerability. This means any vector that puts the image onto your computer (wget, browser, email, IM, etc) can potentially cause the problem.

    This affects anyone on Windows (98, 98SE, ME, 2000, XP, 2003). USING FIREFOX DOES NOT ELIMINATE THE RISK as the file is still downloaded to your cache in most cases, but it does reduce your chances somewhat since the image is often not displayed in the browser. But if you then interact with the file in any way (thumbnail it, Google Desktop, hover over with the mouse) that causes it to be handled by the windows subsystem responsible for WMF then you will have problems. Once again, YOU CAN BE CAUGHT BY THIS EXPLOIT EVEN IF THE IMAGE DOES NOT SHOW IN THE BROWSER. If you use Windows, your system is vulnerable.

    be careful on forums! people could be putting viruses in their pics!
     
  2. 'Daniel'

    'Daniel' TPF Noob!

    Joined:
    Dec 30, 2004
    Messages:
    1,507
    Likes Received:
    14
    Location:
    Manchester, UK
    What do we do then? use Opera?
     
  3. bace

    bace TPF Noob!

    Joined:
    Aug 10, 2005
    Messages:
    3,941
    Likes Received:
    72
    Can others edit my Photos:
    Photos NOT OK to edit
    So basically, don't use any internet site ever.
     
  4. ferny

    ferny TPF Noob!

    Joined:
    Aug 31, 2004
    Messages:
    8,115
    Likes Received:
    64
    Run windows update? It makes sense to do it every now and then anyway. They're forever funding bugs and holes in Windows and IE.
     
  5. kelox

    kelox TPF Noob!

    Joined:
    Mar 22, 2005
    Messages:
    1,434
    Likes Received:
    24
    Location:
    Coming to you live from Planet MAXXUM, home of the
    Can others edit my Photos:
    Photos NOT OK to edit
    Buy a Mac, then it's a moot point.
     
  6. PlasticSpanner

    PlasticSpanner TPF Noob!

    Joined:
    May 1, 2005
    Messages:
    4,125
    Likes Received:
    51
    Location:
    Cheshire, England
    Can others edit my Photos:
    Photos NOT OK to edit
    It always amazes me how so many of these "warnings" tell you that no matter what you do there is nothing that can stop the latest threat! :lol:

    A motorsport site I visit regularly has warning e-mails posted about viruses and hackers using back doors in online rally and motorsport games too! :lol:

    There are snotty 16 year old kids all over the world bragging to their mates how the e-mail they started has circulated thousands of computers all over the world!:lmao:
     
  7. Alexandra

    Alexandra TPF Noob!

    Joined:
    Nov 3, 2005
    Messages:
    2,599
    Likes Received:
    159
    Location:
    Montreal, Canada
    Is my Norton antivirus useful, here?
     
  8. darin3200

    darin3200 TPF Noob!

    Joined:
    May 3, 2005
    Messages:
    2,078
    Likes Received:
    28
    Location:
    Des Moines, Iowa
    That's sucks, mostly why I use linux as well. However,
    So bascially don't use anything other than an new version of firefox and don't save an images and then open them up that might be dangerous
     
  9. darin3200

    darin3200 TPF Noob!

    Joined:
    May 3, 2005
    Messages:
    2,078
    Likes Received:
    28
    Location:
    Des Moines, Iowa
    Oh, and you only have to worry about this with Windows XP and some server editions. It basically screws up the computer whenever you open an image with microsoft image and fax.
    This article has a workaround
    http://www.eweek.com/article2/0,1895,1906177,00.asp
     
  10. PlasticSpanner

    PlasticSpanner TPF Noob!

    Joined:
    May 1, 2005
    Messages:
    4,125
    Likes Received:
    51
    Location:
    Cheshire, England
    Can others edit my Photos:
    Photos NOT OK to edit
    Who is user Blue Reptile and what forum has he/she been "permabanned" from? :lol:

    I guess it's supposed to add credibility to the e-mail!
     
  11. slickhare

    slickhare TPF Noob!

    Joined:
    Nov 26, 2005
    Messages:
    678
    Likes Received:
    10
    Location:
    cali
    it's a user from a forum that i post on that i got the warning from. it's not a made up person.

    i got this one from someone else, i did not fabricate the contents of this warning. it seemed legit to me, so i thought to myself, what better place for some hotshot dummy to test his new image virus, than on a photography forum? just thought i'd warn everyone just in case. i assure you that i'm not one of these "snotty kids" and i just thought this was legit and wanted to warn people

    but i kno people do fake these emails about fake viruses. i've got some pretty random ones. like i got one that said that if you open your inbox with the bad email in it, you'd get the virus :lmao: great stuff
     
  12. PlasticSpanner

    PlasticSpanner TPF Noob!

    Joined:
    May 1, 2005
    Messages:
    4,125
    Likes Received:
    51
    Location:
    Cheshire, England
    Can others edit my Photos:
    Photos NOT OK to edit
    Please don't get me wrong.:D I didn't mean you're a snotty kid! :lol:

    The majority of the time warnings like these are e-mailed or posted by genuine people passing it on to try to warn & help other people!:thumbup: There are just many more hoax warnings than genuine ones!

    I'd value a warning much more if it came from someone I know who has experienced a problem, fixed it & then posted a warning!:thumbup:

    Years ago my computer was infected with the CIH Virus and it was only bacause a good friend of mine who also happened to work at my ISP warned me about it spreading through their servers that I found it & killed it!:thumbup: :D
     

Share This Page