McAfee has released a notice that Exploit-WMF is resulting in a high
volume of spam.  It is traveling as a mail message with the following
characteristics:

Subject: Happy New Year
Body: picture of 2006
Attachment: HappyNewYear.jpg (actually a WMF file with a .JPG extension)

More information about Exploit-WMF is available from McAfee at:

http://vil.nai.com/vil/content/v_137760.htm

This exploit takes advantage of the meta file vulnerability I mentioned a
few days ago which permits the execution of a malicious .wmf file on
Windows machines.  More information is available at:

http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33721
http://www.microsoft.com/technet/security/advisory/912840.mspx

Please take precaution, don't open attachments you weren't expecting, even
if they arrive from people you know.

Questions or problems?  Please contact CIT Helpline at 656-2604 or
http://www.uvm.edu/cit/help .