AMD forums laid low by Windows exploit
Fan forum is taken offline after attack via Microsoft's Windows Meta File flaw is found on the site. Screenshot: AMD forum under attack
Mikko Hypponen, chief research officer at F-Secure, posted an item on the company's blog Monday outlining a WMF exploit on the home page for AMD-sponsored discussion forums. The exploit has since been removed, AMD said.
WMF exploits can trick users into viewing images or visiting Web sites that carry malicious software called Trojan horses. Once installed on a vulnerable PC, the software can allow an attacker to execute code on the system.
The forums were taken offline as soon as AMD learned of the exploit, said Drew Prairie, a spokesman for the Sunnyvale, Calif.-based chipmaker. The forums are maintained by another company that apparently failed to update its software in order to protect against the exploit, he said. Prairie was unaware of the name of the company, which is dealt with by AMD's staff in Europe.
The forums were back online late Monday afternoon. A poster started a thread on Saturday warning other forum users about the exploit. The discussions on the site usually center around building AMD-based PCs or bashing Intel, but visitors over the weekend got an unexpected lesson in Windows and Internet Explorer security techniques.
Microsoft was forced to issue an out-of-cycle patch in early January in response to the nasty WMF flaw, after originally planning to include the fix along with its usual monthly batch of patches. Windows users who downloaded that patch when it was distributed were protected if they visited the AMD discussion forum on Monday, Prairie said.