| Everyone Read - Windows WMF Vulnerability Patch [message #184510] |
Mon, 02 January 2006 14:25  |
 |
light
Messages: 988
Registered: January 2005
Karma: 0
|
Colonel |
|
|
Last week a vulnerability was found in all versions of windows that allows people to execute arbitrary code using a buffer over-run in Windows Metafiles.
WMF files are images, so can be placed on any website or email and can be used to attack your system.
Please, everyone read: http://grc.com/sn/notes-020.htm
Use this to see if your system is vulnerable: http://www.hexblog.com/2006/01/wmf_vulnerability_checker.htm l
Use this to 3rd party patch to secure it: http://www.hexblog.com/security/files/wmffix_hexblog13.exe
More technical details can be found here: http://www.f-secure.com/weblog/
EDIT:
Due to over-use, the hexblog website has been suspeneded. New Download links hosted on GRC.com
The Checker: http://www.grc.com/miscfiles/wmf_checker_hexblog.exe
and The Patcher: http://www.grc.com/miscfiles/wmffix_hexblog14.exe
EDIT 2:
A revised list of vulnerable OS's. Bascially the two main ones are XP and Server 2003. http://blog.ziffdavis.com/seltzer/archive/2006/01/03/39684.a spx
F-Secure RSS Feed:
Larry Seltzer from eWeek has been doing lots of additional testing against older versions of Windows and bad WMF files.He has just blogged his interesting findings:...in a practical sense, only Windows XP and Windows Server 2003 (in all their service pack levels) are vulnerable to the WMF flaw.
...all versions of Windows back to 3.0 have the vulnerability in GDI32.
Except for Windows XP and Windows Server 2003, no Windows versions, in their default configuration, have a default association for WMF files, and none of their Paint programs or any other standard programs installed with them can read WMF files...So the vulnerability is there on all platforms but it seems that only Windows XP and 2003 are easily exploitable. Unfortunately this still means that majority of Windows computers out there are vulnerable right now. And at least Windows 2000 becomes vulnerable if you're using many of the available third party image handling programs to open image files. On 03/01/06 At 07:29 AMhttp://www.f-secure.com/weblog/#00000764
[Updated on: Wed, 04 January 2006 02:29] Report message to a moderator |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| Re: Everyone Read - Windows WMF Vulnerability Patch [message #184572 is a reply to message #184541] |
Tue, 03 January 2006 13:10  |
 |
Spice
Messages: 1448
Registered: November 2003
Location: Ohio
Karma: 0
|
General (1 Star) |
|
|
Thanks, I just applied the patch.
| csskiller wrote on Tue, 03 January 2006 00:09 |
Just when Microsoft was beginning to win back my vote...
Things by Microsoft that I hate:
|
Actually, Microsoft didn't make Halo, Bungie developed the game, Microsoft only published it. The game still sucks though.
|
|
|
|
| Re: Everyone Read - Windows WMF Vulnerability Patch [message #184576 is a reply to message #184572] |
Tue, 03 January 2006 13:23 |
 |
Lijitsu
Messages: 1575
Registered: April 2005
Location: Georgia, USA
Karma: 0
|
General (1 Star) |
|
|
| EXdeath7 wrote on Tue, 03 January 2006 15:10 |
Thanks, I just applied the patch.
| csskiller wrote on Tue, 03 January 2006 00:09 |
Just when Microsoft was beginning to win back my vote...
Things by Microsoft that I hate:
|
Actually, Microsoft didn't make Halo, Bungie developed the game, Microsoft only published it. The game still sucks though.
|
Thank you for standing up for the game, but why do you hate it? I want a real answer, too. I've been getting shit like: "PC 1S B3774R 7H3N X80X!11!!ONE!" Yes, the PC is better than the Xbox, but the Xbox is a console. You can't upgrade a console like you can a PC.
| Aircraftkiller wrote on Wed, 31 May 2006 22:30 |
I've been Nodbuggered. =( =( =(
|
|
|
|
|
|
|
| Re: Everyone Read - Windows WMF Vulnerability Patch [message #184586 is a reply to message #184554] |
Tue, 03 January 2006 16:29 |
|
light
Messages: 988
Registered: January 2005
Karma: 0
|
Colonel |
|
|
| The Mad Hatter wrote on Wed, 04 January 2006 02:25 |
Thank you.
So once Microsoft release a fix you should uninstall the patch?
|
Correct. Once Microsoft fix this issue, then you will have no need for this patch. It is a temporary measure.
Edit: Here is an updated list of vulnerable systems. Looks like pepole on 98/2000 are more secure than we thought. The two most vulnerable OS's are XP and Server 2003
It can be hidden in an image, so any image could do it, including Xtrm2Matt's signature.
For the record: Halo kicks ass.
[Updated on: Wed, 04 January 2006 02:27] Report message to a moderator |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Search
Help
Members
Register
Login
Home
.
