Renegade Public Forums
C&C: Renegade --> Dying since 2003™, resurrected in 2024!
Home » General Discussions » General Discussion » Everyone Read - Windows WMF Vulnerability Patch
Everyone Read - Windows WMF Vulnerability Patch [message #184510] Mon, 02 January 2006 14:25 Go to previous message
light is currently offline  light
Messages: 988
Registered: January 2005
Karma:
Colonel
Last week a vulnerability was found in all versions of windows that allows people to execute arbitrary code using a buffer over-run in Windows Metafiles.

WMF files are images, so can be placed on any website or email and can be used to attack your system.

Please, everyone read: http://grc.com/sn/notes-020.htm
Use this to see if your system is vulnerable: http://www.hexblog.com/2006/01/wmf_vulnerability_checker.htm l
Use this to 3rd party patch to secure it: http://www.hexblog.com/security/files/wmffix_hexblog13.exe

More technical details can be found here: http://www.f-secure.com/weblog/

EDIT:

Due to over-use, the hexblog website has been suspeneded. New Download links hosted on GRC.com

The Checker: http://www.grc.com/miscfiles/wmf_checker_hexblog.exe
and The Patcher: http://www.grc.com/miscfiles/wmffix_hexblog14.exe

EDIT 2:

A revised list of vulnerable OS's. Bascially the two main ones are XP and Server 2003. http://blog.ziffdavis.com/seltzer/archive/2006/01/03/39684.a spx

F-Secure RSS Feed:

Larry Seltzer from eWeek has been doing lots of additional testing against older versions of Windows and bad WMF files.He has just blogged his interesting findings:...in a practical sense, only Windows XP and Windows Server 2003 (in all their service pack levels) are vulnerable to the WMF flaw.
...all versions of Windows back to 3.0 have the vulnerability in GDI32.

Except for Windows XP and Windows Server 2003, no Windows versions, in their default configuration, have a default association for WMF files, and none of their Paint programs or any other standard programs installed with them can read WMF files...So the vulnerability is there on all platforms but it seems that only Windows XP and 2003 are easily exploitable. Unfortunately this still means that majority of Windows computers out there are vulnerable right now. And at least Windows 2000 becomes vulnerable if you're using many of the available third party image handling programs to open image files. On 03/01/06 At 07:29 AMhttp://www.f-secure.com/weblog/#00000764


http://www.azupload.com/displayImage.php/setid2745.png

[Updated on: Wed, 04 January 2006 02:29]

Report message to a moderator

 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message icon7.gif
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: FUDForum upgrade
Next Topic: OT: Funny commercial
Goto Forum:
  


Current Time: Wed Dec 11 05:34:14 MST 2024

Total time taken to generate the page: 0.01126 seconds