wmf exploit protection?

Avast Free Antivirus / Premium Security
1

Does Avast! protect against the Windows WMF exploit?

see the Microsoft link below for details:

http://www.microsoft.com/technet/security/advisory/912840.mspx

see Steve Gibson’s Security Now show notes for details:

http://www.grc.com/sn/notes-020.htm

Regards,

Mike

2

Please disregard.

I found the good info in another forum.

Sorry for the inconvenience.

Regards,

Mike

3

Is it a secret!! ;D I mean the other forum :wink:

4

I don’t know the answer about whether Avast can protect against wmf exploit, but there is an interesting thread on Wilder’s Security Forum about how Kerio Firewall users (Free & Paid versions) can protect themselves using a snort rule http://www.wilderssecurity.com/showthread.php?t=113359

5

:smiley: read here please!http://www.wilderssecurity.com/showthread.php?t=113538

6

No secret - I saw the discussion in the avast! Viruses & Worms forum.

BTW, Steve Gibson has posted a link to what he believes is a patch that can be used until Microsoft gets their act togeter.

Check out the top section of http://www.grc.com/sn/notes-020.htm

Cheers

and Happy New Year :smiley:

7

Better still a forum search for WMF Exploit should return the info you seek as it has been discussed in a couple of threads. This being just one of them http://forum.avast.com/index.php?topic=18295.0

So Yes avast covers current exploit variants.

8

Exactly the thread I was referring to.

I also learned about URL blocking using the Web Shield, too!

So, it was “all good”

Cheers.

9

Just pinched this from another website. Good on Ya Avast

Days after the revelation of a flaw in Windows' handling of WMF graphics files, dozens of exploits are being spread from thousands of adware sites. But good protection is available.

At the same time, further testing confirms that a workaround issued by third parties and endorsed by Microsoft Corp. is effective in most regards, and in the most important circumstances, but not in all. Also, the workaround has side effects that could prove troublesome.

AV-Test, which tests anti-malware products, has been tracking the situation closely and has, so far, analyzed 73 variants of malicious WMF files. Products from the following companies have identified all 73:

  • Alwil Software (Avast)
  • Softwin (BitDefender)
  • ClamAV
  • F-Secure Inc.
  • Fortinet Inc.
  • McAfee Inc.
  • ESET (Nod32)
  • Panda Software
  • Sophos Plc
  • Symantec Corp.
  • Trend Micro Inc.
  • VirusBuster

These products detected fewer variants:

  • 62 — eTrust-VET
  • 62 — QuickHeal
  • 61 — AntiVir
  • 61 — Dr Web
  • 61 — Kaspersky
  • 60 — AVG
  • 19 — Command
  • 19 — F-Prot
  • 11 — Ewido
  • 7 — eSafe
  • 7 — eTrust-INO
  • 6 — Ikarus
  • 6 — VBA32
  • 0 — Norman