14 DAY TRIAL // A scantly clothed Paris Hilton is the last thing that you would associate with a Windows XP vulnerability. But the exuberant sexuality of the millionaire heiress/pop queen/model/home grown porn starlet has no limits. Across either common decency or operating system.
Sunbelt has recently warned that spammed emails containing images with a stripped Paris Hilton are being involved in attacks targeting a critical vulnerability in Graphics Rendering Engine in Windows 2000, Windows XP and Windows Server 2003.
"A new set of spam uses the WMF vulnerability as an exploit - right in the spam. Simply viewing the spam in the preview pane will exploit a system (if you're not patched or don't have adequate AV protection)," revealed Alex Eckelberry from Sunbelt.
It is not the first time that Paris Hilton has been used as incentive to exploit Windows vulnerabilities. At the beginning of April, the Hilton heiress together with porn start Jenna Jameson and pop queen turned redneck Britney Spears were used in exploiting the .ANI file format vulnerability in Windows Vista.
The image at the bottom, courtesy of Sunbelt, is a screenshot of an exploit message. As you can see, the emails appear to have "Nude parishiltonnude.com" as sender. And the date is April 19, 2007, meaning yesterday. Eckelberry explains how the exploit takes place: "The picture on the left is a normal image. That "picture" on the right (with the red x) is a fake WMF image which triggers the exploit."
Microsoft has made available a security update for the Graphics rendering Engine vulnerability since January 5, 2007.
