MS05-053 Microsoft Windows Image Viewing Vulnerability



Two notes on the Windows vulnerability patched day before yesterday. There is a trojan in the wild exploiting it and Symantec’s AV definition to detect such an exploit is a bit too paranoid and flags lot’s of emf files as having an exploit for the same. The workaround is to disable emf files from virus scans.


Trendmicro apparently has discovered the trojan, TROJ_EMFSPLOIT.A which causes Explorer to crash. (From the vulnerability details I was expecting worse, but…. remember this will likely be refined as the days go on – we’re at 2 days since the announcement.)

It sounds like the Symantec false positive affects almost all EMF files, but most particularly those generated by Excel.

Related Posts

Blog Traffic Exchange Related Posts
  • Trojan horse proxy.ahiy and AVG A lot of people seem to be reporting today that AVG is finding files to be infected with trojan horse proxy.ahiy or trojan horse proxy ahiy. From what I've seen, although that may be a valid virus designation from AVG, they are also reporting many legitimate files as this trojan......
  • WMF exploit testing on Windows 98 I had hoped to get in another test of Windows 98 with yet another WMF viewer (tried Kodak imaging, and irfanview). So far I haven't seen a way that the WMF exploits can work on Windows 98 SE. I'm running out of time before I have to run to some......
  • Microsoft's speed to get security patches out Brian Krebs at the Security Fix has done an interesting study related to how long it takes Microsoft to release a security fix for a problem, starting from the time they are notified of the security vulnerability. For the most part, 134.5 days has been the window between notification and......
Blog Traffic Exchange Related Websites
  • Shopping Fun Facts - The Day After Thanksgiving Black Friday - is the name given to the busy shopping day the Friday after Thanksgiving. This term, which began in the mid 1970s, most likely refers to retailers’ sales moving from the red into the black (making a profit). Not the busiest shopping day?! The day after Thanksgiving is......
  • How To Remove Vista Internet Security 2011 Virus You may be the latest victim of Vista Internet Security 2011. This name-changing virus has the different version, but no matter what version you have, the issues are the equivalent. The cyberpunks who formulated this virus were quite professional to make the program dynamically change its name according to windows......
  • Spyware: The New Annoying Threat A friend called me one day, frustrated out of his mind that his computer was acting very strange.  When he opened his Internet Explorer, it sent him to a strange site and pop-up windows kept covering his screen.  He even complained about the performance of his Intel Pentium 4 computer......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site