Exploit Released for Unpatched Windows Flaw
woodchuck writes "Washington Post reports that another Windows hole has been found and exploit code is now running lose that makes swiss cheese of current patches and security measures.
From the article: "Security researchers have released instructions for exploiting a previously unknown security hole in Windows XP and Windows 2003 Web Server with all of the latest patches applied. Anti-virus company Symantec warned of the new exploit, which it said uses a vulnerability in the way Windows computers process certain image files (Windows Meta Files, or those ending in .wmf). Symantec said the exploit is designed to download and run a program from the Web that downloads several malicious files, including tools that attackers could use to control vulnerable computers via IRC.""
No you cannot get infected with FF. On Exploder, it is a true worm that installs automatically without user intervention. On FireFox, you have to click a button to allow the site to install the crapware. Granted, 99.999% of Windoze Doodz will probably click it, but at that point the browser has washed its hands of the problem and you cannot blame Firefox for user schtoopidity.
Oh well, what the hell...