MS05-053 Microsoft Windows Image Viewing Vulnerability



Two notes on the Windows vulnerability patched day before yesterday. There is a trojan in the wild exploiting it and Symantec’s AV definition to detect such an exploit is a bit too paranoid and flags lot’s of emf files as having an exploit for the same. The workaround is to disable emf files from virus scans.


Trendmicro apparently has discovered the trojan, TROJ_EMFSPLOIT.A which causes Explorer to crash. (From the vulnerability details I was expecting worse, but…. remember this will likely be refined as the days go on – we’re at 2 days since the announcement.)

It sounds like the Symantec false positive affects almost all EMF files, but most particularly those generated by Excel.

Related Posts

Blog Traffic Exchange Related Posts
  • WMF exploit and Windows 98 Most of the talk on the WMF zero-day has centered on Windows XP, 2000 and 2003. The unofficial patch is available for those three platforms. Microsoft's (eventual) patch will likely be for those as well. Incidents.org had a comment in one of their posts that this would be a "watershed......
  • Microsoft's speed to get security patches out Brian Krebs at the Security Fix has done an interesting study related to how long it takes Microsoft to release a security fix for a problem, starting from the time they are notified of the security vulnerability. For the most part, 134.5 days has been the window between notification and......
  • Internet Explorer zero-day exploit? The folks over at The Sans Institute (Incidents.org) are reporting on a possible zero-day ( 0-day ) exploit against Microsoft Internet Explorer. (A zero day exploit is the name given to an exploit of a previously unknown vulnerability.) Their analysis essentially had the machine they were using go to 100%......
Blog Traffic Exchange Related Websites
  • How To Remove Vista Internet Security 2011 Virus You may be the latest victim of Vista Internet Security 2011. This name-changing virus has the different version, but no matter what version you have, the issues are the equivalent. The cyberpunks who formulated this virus were quite professional to make the program dynamically change its name according to windows......
  • Information Security Definitions - Zero Day Attack (0 Zero Attack) A zero-day attack or threat is a computer threat that tries to exploit unknown, undisclosed or unpatched computer application vulnerabilities. The term Zero Day is also used to describe unknown or Zero day viruses. Zero-day exploits are released before the vendor patch is released to the public. Zero-day exploits generally......
  • Trojan Horse Protection - Antivirus Trojan Software In today’s online environment it’s important to know what risks lie ahead at each click. This paper will describe so of the malicious kinds of attacks your Home/Office PC may encounter online. Now I’m sure we have all heard of Viruses online and some of you have heard of Trojans.......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site