WMF-Exploit and the behaviour of security research organisations

On December 31, 2005, a new (second generation) exploit for the WMF vulnerability was published. It’s a tool that enables nearly every script kiddie to create variations of image files. These image files can compromise nearly every common Windows computer by just viewing them. Currently millions of computers on the net are vulnerable ’cause there’s no patch from Microsoft available at the moment.

Considering this, I can’t understand why some so-called “security research organisations” make this tool publicly available. To my mind such behaviour is just irresponsible. Microsoft was already aware of the problem and was (and still is) working on a solution. So the point was already proven!
Publish it if a patch from Microsoft is available, that’s fine by me. BUT NOT RIGHT NOW!

References:
http://www.microsoft.com/technet/security/advisory/912840.mspx
http://www.hexblog.com/2005/12/wmf_vuln.html

Categories: Mind, Security.
