Major Windows Security Flaw*

I have been sitting on this story for about a week, trying to sort out fact from fiction and, hopefully provide you some sort of work around, but it appears from this story that no fix will be forthcoming from Microsoft until, at least, January 10. Until then, you need to be extra careful about clicking on links or running attachments.

I would recommend checking your anti-virus program for updates each day until this is fixed, so that you get any updates the anti-spyware and anti-virus companies might provide in the meantime.

If you are effected by this exploit, anti-spyware products, like Ad-Aware and Microsoft Anti-Spyware should be able to remove anything that gets installed.

Windows PCs face ‘huge’ virus threat
By Kevin Allison in San Francisco
Published: January 2 2006 18:18

"...The flaw, which allows hackers to infect computers using programs maliciously inserted into seemingly innocuous image files, was first discovered last week. But the potential for damaging attacks increased dramatically at the weekend after a group of computer hackers published the source code they used to exploit it. Unlike most attacks, which require victims to download or execute a suspect file, the new vulnerability makes it possible for users to infect their computers with spyware or a virus simply by viewing a web page, e-mail or instant message that contains a contaminated image..." [Continue Reading]

* Updated (2:40pm PST): Detailed discussion on this issue from SlashDot

Technorati Tags:technology, windows, virus, exploit