VML exploit through fake ecard

VML exploit in a fake ecard:

http www sunbelt software com ihs alex fakegreeting 123108 thumb jpg

On our test system, the greeting card in question downloaded a number of pieces of executables: is.exe, ie.exe and cpu.exe.

One assumes this will be sent via spam, but we have not seen any samples.

Credit goes to Roger Thompson over at Exploit Labs and Alex Shipp at MessageLabs.