Update on the Critical Unpatched Windows Flaw - Washington post

Security Fix warned readers on Wednesday about thousands of malicious Web
sites that are using an unpatched Windows security hole to install spyware,
spam-ware and other programs on computers when their owners merely browse to
one of these sites. As serious as this situation is -- and it is hard to find
a recent Windows threat as potentially dangerous as this one -- the problem
may be more dire than initial reports suggested.

For one thing, the vulnerability being exploited -- a flaw in the way the
operating system renders Windows Metafile or "WMF" image files -- affects
even fully patched Windows systems, and not just Windows XP and Windows 2003
Web server, as previously thought. According to an advisory published by
Microsoft late Wednesday, the flaw is present in every Windows version dating
back to Windows 98.

Wednesday's Security Fix post on this threat was picked up by geek news site
Slashdot, where several readers poo-pooed the exploit, saying that WMF files
are hardly used anymore. Whether they are or not is beside the point:
According to Symantec, the flaw can be exploited using more familiar image
file extensions, such as ".gif" or ".jpg".

What's more, this vulnerability could be exploited by causing an infected
image file to be displayed in any software that relies on the flawed Windows
WMF rendering engine. Put simply, that means the exploit would work if an
user merely viewed one of these images in the preview pane of an e-mail
application like Microsoft Outlook, or even one cut-and-pasted into an
attached Microsoft Word document.