Originally posted here by jockey0109

Also, you didnt answer one of my questions : Will the file also infect the PCs which dont know how to handle perl??? I preassume an affirmitive response coz as you say, the script creats the WMF file which does the job in turn! However the creation of this file is p[ossible only on machines which understand how to handle the script in perl!! ...... or am I wrong somewhere???
I answered that question with this line:
So no perl is not required on the system, perl is only required by the malicious user.
The exploit exists in WMF.... it has nothing to do with perl... perl is being used to write the malicious file... I can write the malicious file and that is all that is needed to crash a system... I write the malicious file, attach it to an email and send it to a Windows user... they get the email, view the attachment and bang... their system crashes... No need for them to have perl because perl has nothing to do with the actual exploit..