Saturday, December 31, 2005

Beware of Windows Metafile exploit (WMF)

A recently discovered vulnerability in the Windows Metafile (WMF) data format is increasingly being exploited to target unsuspecting users. An article in eWeek warns of adware makers exploiting banner ads to download adware onto PCs that visit sites showing these banners.

For the layman, what this means is that you should:
  • Avoid opening, viewing or saving file attachments (received via email, instant messaging, or from the Web) ending with WMF, JPG, TIF, PNG, etc. WMF files named with other extensions can just as well deliver malicious code, which can in turn execute commands on your workstation. In general, avoid clicking on unsolicited and untrusted links.
  • Avoid browsing unknown, new, or untrusted websites, as a web page loaded with a specially crafted WMF file can exploit this vulnerability as well.
  • It has been reported that this affects Internet Explorer as well as Firefox, and Windows machines with the latest security updates.
  • Don't rely too heavily on updated signatures from anti-virus software providers, as this vulnerability can be exploited by malicious code faster than AV providers can update signatures to identify and block it.
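
The first point above, that a WMF file can carry another extension, is why a mail or download filter should inspect content instead of the file name. The following is an added example, not part of the original post: it checks the leading bytes for a WMF header, and the function names, file names and sample bytes are constructed for illustration.

```python
import struct

PLACEABLE_KEY = 0x9AC6CDD7  # magic of the optional 22-byte "placeable" header


def looks_like_wmf(data: bytes) -> bool:
    """Return True if the leading bytes form a WMF header."""
    if len(data) >= 4 and struct.unpack_from("<I", data)[0] == PLACEABLE_KEY:
        return True
    if len(data) < 6:
        return False
    # Standard header: Type (1 = memory, 2 = disk), HeaderSize in 16-bit
    # words (always 9), Version (0x0100 or 0x0300), all little-endian.
    ftype, header_words, version = struct.unpack_from("<HHH", data)
    return ftype in (1, 2) and header_words == 9 and version in (0x0100, 0x0300)


def flag_disguised(files):
    """Names of files whose content is WMF but whose extension is not .wmf."""
    flagged = []
    for name, data in files:
        ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
        if ext != "wmf" and looks_like_wmf(data):
            flagged.append(name)
    return flagged


# Constructed sample inputs (benign): header plus a single end-of-file record.
WMF_STD = struct.pack("<HHHIHIH", 1, 9, 0x0300, 12, 0, 3, 0) + struct.pack("<IH", 3, 0)
# Placeable header prepended; checksum field left as 0 in this sample.
WMF_PLACEABLE = struct.pack("<IHhhhhHIH", PLACEABLE_KEY, 0, 0, 0, 100, 100, 1440, 0, 0) + WMF_STD
JPEG = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00"
SAMPLES = [
    ("chart.wmf", WMF_STD),
    ("holiday.jpg", WMF_STD),
    ("card.png", WMF_PLACEABLE),
    ("photo.jpg", JPEG),
]

if __name__ == "__main__":
    for name in flag_disguised(SAMPLES):
        print("WMF content under another extension:", name)
```

Because the advice above is to avoid WMF content altogether, a filter could act on every file for which `looks_like_wmf` returns True, not only the renamed ones.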

For technical details on this vulnerability, please refer to this note from SecurityFocus.
Microsoft has issued an advisory but apart from informing you, no patch/solution is provided. IMHO, a solution will have to come in the form of a security update for IE and Windows to block this exploit.
