The Windows Metafile vulnerability requires user interaction for exploit, therefore it (to my knowledge) isn't worm-able. As to why we didn't see a major virus outbreak, perhaps all the black-hats were away on holiday :)
My personal hypothesis is that malicious virus writers really aren't that smart. We might see some threat agents for this vulnerability in a few months, after the real risk has passed. After all, a truly intelligent person can make money or gain notoriety through less dangerous and better paying means (perhaps as a vulnerability researcher). Any other theories? On 9 Jan 2006 17:34:18 -0000, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > Hi, > > The WMF threat was and continues to be important. > But I'm curious to know why we didn't observe any important attack on > Internet? > > WMF was a perfect Zero-Day attack and a scenario like the blackout of > Internet was possible … but nothing … or no important attack! > No BOT virus deployed? No DOS worm attack? … > > All hackers become white-hat? > Or they attacked and we didn't see anything? > > Any hypothese / explanation ? > > Regards, > Pejman >
