New WMF exploit code has been released and was tagged as a yellow alert by ISC SANS! The proof-of-concept code was posted by FrSIRT. ISC SANS said that
“The source code claims to be made by the folks at metasploit and xfocus, together with an anonymous source.”
SANS also mentioned that any image extension can be used (not only .wmf). Check out the SANS blog post “New exploit released for the WMF vulnerability – YELLOW (NEW)”.
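Because the file extension cannot be trusted, a defender has to identify WMF content by its header bytes rather than its name. The sketch below is an added example, not code from SANS, FrSIRT or the original post; the function names and sample files are constructed for illustration, and the header values are those of the standard WMF and placeable-metafile headers.

```python
import struct
from pathlib import Path

PLACEABLE_KEY = 0x9AC6CDD7   # magic of the optional 22-byte "placeable" prefix
PLACEABLE_LEN = 22

def looks_like_wmf(data: bytes) -> bool:
    """True if data begins with a WMF header, with or without the placeable prefix."""
    offset = 0
    if len(data) >= 4 and struct.unpack_from("<I", data, 0)[0] == PLACEABLE_KEY:
        offset = PLACEABLE_LEN
    if len(data) < offset + 6:
        return False
    # META_HEADER starts with: Type (1=memory, 2=disk), HeaderSize in words (9), Version
    mtype, header_words, version = struct.unpack_from("<HHH", data, offset)
    return mtype in (1, 2) and header_words == 9 and version in (0x0100, 0x0300)

def disguised_wmf(name: str, data: bytes) -> bool:
    """True if the content is WMF but the file name claims some other type."""
    return looks_like_wmf(data) and Path(name).suffix.lower() != ".wmf"

def scan(directory) -> list:
    """Return paths under directory whose content is WMF despite a non-.wmf name."""
    hits = []
    for path in sorted(Path(directory).rglob("*")):
        if path.is_file():
            with path.open("rb") as fh:
                head = fh.read(PLACEABLE_LEN + 6)
            if disguised_wmf(path.name, head):
                hits.append(str(path))
    return hits

# Constructed samples: a minimal, harmless WMF (header + end-of-file record) and a JPEG stub.
SAMPLE_WMF = struct.pack("<HHHIHIH", 1, 9, 0x0300, 12, 0, 3, 0) + struct.pack("<IH", 3, 0)
SAMPLE_PLACEABLE = struct.pack("<I", PLACEABLE_KEY) + b"\x00" * 18 + SAMPLE_WMF
SAMPLE_JPEG = b"\xff\xd8\xff\xe0" + b"\x00" * 16

if __name__ == "__main__":
    for name, blob in [("photo.jpg", SAMPLE_WMF), ("logo.gif", SAMPLE_PLACEABLE),
                       ("chart.wmf", SAMPLE_WMF), ("real.jpg", SAMPLE_JPEG)]:
        print(f"{name}: disguised WMF = {disguised_wmf(name, blob)}")
```

A match only says the file is a metafile wearing another extension; it does not say the file is malicious, so treat hits as candidates for quarantine or closer inspection.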
A temporary workaround for the vulnerability can be found at Hex Blog: “Windows WMF Metafile Vulnerability HotFix”, which is also mentioned in the SANS blog. Be reminded that this is only a temporary fix, and it is for Windows XP SP2 and XP 64-bit only. The author of the fix recommends that
“official Microsoft patch should be used as soon as it is available.”
So much for this WMF vulnerability. BTW, I just want to share a good WMF FAQ discussed at SANS.