Websense Security Labs™ has received reports of a Trojan horse that attempts to trick users into visiting a malicious website to run malicious code. Users receive an email with the subject "Attention Bird Flu in England." The body requests users to click on a link to go either of two websites to get more information... Upon clicking on a link, users are directed to a website...within the HTML, an IFRAME is loaded that uses the recent WMF exploit to run code without user-intervention. The code is a Trojan horse downloader, which connects to another site to download new malicious code. The filename is "expl1.wmf," which downloads and runs "expl1.exe."