Announcement

Collapse
No announcement yet.

Windows WMF exploit - serious

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Windows WMF exploit - serious

    See this:

    http://isc.sans.org/

    Bob
    Supporting the environment. This post uses 100% recycled electrons.
    Bob Isaac
    Director/Web Admin
    Volvo Owners Club Ltd

    Actinic MS Business Version 8.5.2

    #2
    Yep. You've got to hand it to Microsoft.

    The holy grail of malware writers was to be able to get some malevolent code into an image. This was long considered impossible until a year ago when it was divulged that a Microsoft library routine flaw allowed a JPEG to be so poisoned. The list of programs using this code is huge.

    Now they've done it again to the WMF format.

    The official Microsoft advisory is on http://www.microsoft.com/technet/sec...ry/912840.mspx

    Be aware that their Workaround (from the technet note above which I installed as soon as I heard of this) messes up Windows Explorer: Thumbnail View, and will also make it very hard to alter various Display Settings (like changing Backgrounds). Still it's better to install the workaround and endure these display problems than risk the malware that's out there already.

    What I've done is to copy / paste the bit of info about Unregistering / Reregistering Shimgvw.dll into a textfile on my Desktop to remind me how to temporarily undo the protection workaround if I need to change some settings.
    Norman - www.drillpine.biz
    Edinburgh, U K / Bitez, Turkey

    Comment

    Working...
    X