I hate to be alarmist in the new year but...

[stillvisions]

Okay, this one's pretty important. As of a few weeks ago, there's been a very public hole in Windows that pretty much hits all versions. It deals with some part of the image viewer native to Windows, so it's pretty ubiquitous. Viruses disguised as a attachments are nothing new - in this case, it an disguise itself as an image, so watch yourself.

Comments

Thanks for the heads up

[mindtrip101]

I try to keep up on the flaws ans fixes out its just alot to gather. Thanks for the tip i've already forward the info to my ppl at work so we can get ready for this what i say will be a hellish week at the help desk.

Re: Thanks for the heads up

[stillvisions]

Yeah... it's hard to say what the exact impact of this baby will be. It's not a slammer, so it at least requires some user interaction to hit. The bad news is that apparently there are variants which are basically undectable to an IDS, so it won't do to filter that way. There's at least one email worm using it, but time will tell whether or not there's a particularly mobile version. The initial exploits were all spyware force-installers, so it didn't have the initial massive spread.

Interestingly enough, according to one of the sources, this thing may have been around in the windows 3.0 era, which means it has pretty much the biggest vulnerability impact ever.

Good luck to ya - I'm hoping to get at least one of them in my school inbox to take it apart in the safety of a linux system.