MS05-053 Microsoft Windows Image Viewing Vulnerability



Two notes on the Windows vulnerability patched day before yesterday. There is a trojan in the wild exploiting it and Symantec’s AV definition to detect such an exploit is a bit too paranoid and flags lot’s of emf files as having an exploit for the same. The workaround is to disable emf files from virus scans.


Trendmicro apparently has discovered the trojan, TROJ_EMFSPLOIT.A which causes Explorer to crash. (From the vulnerability details I was expecting worse, but…. remember this will likely be refined as the days go on – we’re at 2 days since the announcement.)

It sounds like the Symantec false positive affects almost all EMF files, but most particularly those generated by Excel.

Related Posts

Blog Traffic Exchange Related Posts
  • WMF zero-day exploit first hand experience Well, I've just spent the better part of 6 hours (maybe a bit more) "sacrificing" a virtual machine to the zero-day Windows Meta File (WMF) exploit and all the malware that comes in. I picked one site from the sunbeltblog list to infect the virtual machine with and can attest......
  • Trojan horse proxy.ahiy and AVG A lot of people seem to be reporting today that AVG is finding files to be infected with trojan horse proxy.ahiy or trojan horse proxy ahiy. From what I've seen, although that may be a valid virus designation from AVG, they are also reporting many legitimate files as this trojan......
  • Nyxem.E virus delete files payload F-secure has some details on a dangerous payload for the Nyxem.E virus. (The Nyxem.E virus is very similar to the Email-Worm.Win32.VB.bi that was talked about earlier in the week.) In fact, this virus seems to be spreading fairly well (not the blockbuster spread of older email viruses, but it is......
Blog Traffic Exchange Related Websites
  • Information Security Definitions - Zero Day Attack (0 Zero Attack) A zero-day attack or threat is a computer threat that tries to exploit unknown, undisclosed or unpatched computer application vulnerabilities. The term Zero Day is also used to describe unknown or Zero day viruses. Zero-day exploits are released before the vendor patch is released to the public. Zero-day exploits generally......
  • Save Time, Money and Space in Over 80 Ways If you're looking for handy gadgets, tools and various items that can save you time, money or space (or all three!) this list of more than 80 top products is just what you need. Everyone's got saving money on their minds these days- whether your at the grocery store, or......
  • Spyware: The New Annoying Threat A friend called me one day, frustrated out of his mind that his computer was acting very strange.  When he opened his Internet Explorer, it sent him to a strange site and pop-up windows kept covering his screen.  He even complained about the performance of his Intel Pentium 4 computer......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site