You guys are all heap-big computer folk, and as a result have probably already heard of this. However, in the interests of me not being a terrible person I'll duplicate my livejournal post on the subject.
Raise your hand if you run windows. Put your hand down if you want to have malignant crap running around your computer as a result of viewing images. Not downloading. Viewing. Those of you whose hands are still raised should pay attention.
http://en.wikipedia.org/wiki/2005_WMF_vulnerability
For the sake of procedure here is the patch made by Ilfak Guilfanov: http://www.hexblog.com/security/files/w ... blog14.exe
I know the hexblog site isn't working, but there's another way to get information and the patch Ilfak Guilfanov made.
http://isc.sans.org/diary.php?storyid=994
People should go there. It's the FAQ and has links to patches as well as the procedure to disable (more or less) the vulnerability that fucks you over.
Also, any of you who turn this into a "My OS is better than your OS" pissing contest, you're a prick and you aren't helping. Just a note.
Edit: In case the site currently hosting the fix also goes down, here's another.
http://sunbeltblog.blogspot.com/2006/01 ... icial.html
<p>-------------------------
"It has always been the prerogative of children and half-wits to point out that the emperor has no clothes. But the half-wit remains a half-wit and the emperor remains an emperor." -- Sandman "The Kindly Ones" </p>Edited by: [url=http://p068.ezboard.com/brpgww60462.showUserPublicProfile?gid=kai@rpgww60462>Kai</A] at: 1/3/06 22:52