I’ve been meaning to mention the latest Windows flaw that’s been the source of much panic. It’s a flaw in the graphics rendering engine in how it handles the Windows Metafile Format (WMF) that could allow a remote attacker to execute code on your PC. The interesting thing is that this flaw has been around since almost the very beginning and it’s only just come to light. This one is pretty nasty and there’s already over a dozen different exploits that try to take advantage of it.
That’s the bad news. The good news is that Microsoft has bowed to pressure and released a patch for the flaw ahead of schedule—originally they weren’t going to release it until the next regularly scheduled path release—so all you need to do is visit Windows Update and hit the Express button to get it. As long as you have a decent virus scanner that’s up-to-date then chances are you don’t have to worry about having any of the exploits on your system—I use Avast! myself and it catches all the known exploits—but it still wouldn’t hurt to make a point of getting the patch installed as soon as you can.
Thanks to Neil Turner’s entry for reminding me that I still needed to post something about this myself.