Mikko Hypponen
Mikko Hypponen
Mikko Hermanni Hyppönenis a computer security expert and columnist...
NationalityAmerican
ProfessionScientist
CountryUnited States of America
attacks buddy click dozens exploits files image messenger people seen send several since spam tries users using worm
We have seen dozens of different attacks using this vulnerability since Dec. 27. One exploits image files and tries to get users to click on them; another is an MSN Messenger worm that will send the worm to people on your buddy list, and we have seen several spam attacks.
although bug code exploit known moment older
Although the WMF bug is there (in the older versions), there's no known code at the moment to exploit it.
exploit
This is enough to invoke the exploit and infect the machine.
viruses worked year
I've worked with viruses for 15 years and things have been getting progressively worse. This year is going to be bad.
awhile figure home people reported
These will only get reported when people get home from work, and it will take awhile before they figure out who to call.
bad brand buy computer five infected internet plug situation ten turn within worm
The situation on the Internet right now is so bad that if you go and buy a brand new computer and turn it on and plug it into the Internet, it will be infected by a worm within five to ten minutes,
beyond corporate finds quite spread worm
The worm can spread quite well once it finds its way beyond corporate firewalls.
bigger computers estimate percent potential problems situation vulnerable worldwide
Right now, the situation is bad, but it could be much worse. The potential for problems is bigger than we have ever seen. We estimate 99 percent of computers worldwide are vulnerable to this attack.
check clicking convincing fairly site surfing
Everything would look fairly convincing if they did some surfing to check out the site before clicking on the link. But they would still get burned.
ask asks bank fake fooled gets money moves next problem says target
The target is fooled into logging into a fake bank, where they ask for his authorization code. The fake bank logs into the real bank with the one-time password and moves money around. Then it gets back to the customer, says there has been a problem and asks him to give the next code.
believe blame break cycle everybody found microsoft next patch release soon test wanting widespread worm
Everybody would like to see the patch as soon as possible, but I can't blame Microsoft for wanting to test it thoroughly. However, if a widespread worm is found before next Tuesday, I do believe they will break the cycle and just release the patch.
computers happened running testing virus
As the virus is not new it's 2 years old this could only have happened if those testing computers were not running any anti-virus programs,
attacks aware moment
At the moment we are not aware of any attacks that would have used this vulnerability.
code ends internet seen shared whether
It all comes down to whether the code ends up being shared or not. We have not seen it out on the Internet yet.