Welcome to the Virus Encyclopedia of Panda Security.
It allows to create EMF images that exploit the Graphics Rendering Engine vulnerability, which would allow to gain remote access to the computer.
|First detected on:||Oct. 21, 2004|
|Detection updated on:||Oct. 21, 2004|
EMFTrojan is a virus constructor, which allows to create images in EMF (Enhanced MetaFile) format that exploit one of the vulnerabilities described in the Microsoft bulletin MS04-032, called Graphics Rendering Engine vulnerability.
EMFTrojan offers several payloads to be included in the malicious EMF image:
- Open a port, through which remote control commands can be sent to the affected computer.
- Download an executable file from the Internet and run it on the affected computer.
These malicious EMF images are then distributed using several different methods. When such a specially crafted EMF image is opened in a vulnerable computer, the code included within is executed, thus compromising the computer.
If you have a Windows 2003/XP/2000 computer, it is very recommendable to visit Microsoft's official website and download and install the security patch for the Graphics Rendering Engine vulnerability.
EMFTrojan is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.