Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Should I be worried about this “WMF Exploit” that everyone’s been talking about?

Question: I got an email warning me to basically stay off the internet until next week because of some new virus or something called a “WMF Exploit”. Is it really that serious? Do I really need to stay off line? I’m not sure I can handle the withdrawal from being disconnected that long!

Yes, it’s serious.

But, no, you don’t have to go through withdrawal. In an unprecedented move, Microsoft has released the patch for the problem ahead of schedule.

Become a Patron of Ask Leo! and go ad-free!

If you have Automatic Updates enabled, as most of you should, then you may already have the fix. It appeared on my machines this morning.

“If you don’t have automatic updates enabled, the you should immediately visit the Microsoft page …”

If you don’t have automatic updates enabled, the you should immediately visit the Microsoft page that includes the update for what’s been called the WMF Exploit here. You’ll find downloadable patches to install on your machine that will remove the vulnerability.

Well, most of you will.

At this writing, there is no plan for a fix for Windows 95, 98 or Windows Me, because, as explained in the FAQ section of that page, the issue doesn’t exist, or isn’t as severe, on those operating systems.

So why is this such a big deal?

Because, in a nutshell, simply displaying a picture that was crafted by some malicious individual could result in your machine being infected with viruses, spyware or worse. (“WMF” stands for “Windows MetaFile”, one of the many different formats for computer images.) Simply looking at a picture. In fact, if you have tools such as Google’s desktop installed, it may “look at the picture”, perhaps something attached to a questionable email you received, as part of it’s work, and cause you to be infected, even if you didn’t actually look at it yourself.

While there are few reports of actual damage having been done due to this vulnerability, the potential is certainly there, and you should make sure that you’ve updated as soon as possible.

And as always:

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

1 thought on “Should I be worried about this “WMF Exploit” that everyone’s been talking about?”

  1. My school got so scared about it that last weekend, they made it so that all of the 95,000 students in the district could not use paint, Microsoft Pic & Fax Viewer, or Microsoft Photo Editor.


Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.