Anti-virus vendor Trend Micro Inc. has spotted a Trojan in the wild attacking Windows users via the image rendering flaws patched by Microsoft Corp. two days ago.


The Trojan, identified as TROJ_EMFSPLOIT.A, causes the "explorer.exe" file to crash, causing the taskbar on unpatched Windows machines to disappear.

The "explorer.exe" process is a required file used to manage the Windows Graphical Shell including the Start menu, taskbar, desktop and File Manager. A malicious attack that disrupts those essential services is considered very disruptive.

Trend Micro described the exploit as a "proof-of-concept Trojan" that exploits the Graphics Rendering Engine vulnerability patched by Microsoft earlier this week.

Microsoft rated the flaw as "critical" and warned that a successful exploit could let an attack take "complete control" of unpatched Windows 2000, Windows XP (including SP2) and Windows Server 2003, but the Trojan identified by Trend Micro simply causes a denial-of-service condition.

This news article was written on November 11, 2005, quoting eWEEK.