MS05-053 Microsoft Windows Image Viewing Vulnerability



Two notes on the Windows vulnerability patched day before yesterday. There is a trojan in the wild exploiting it and Symantec’s AV definition to detect such an exploit is a bit too paranoid and flags lot’s of emf files as having an exploit for the same. The workaround is to disable emf files from virus scans.


Trendmicro apparently has discovered the trojan, TROJ_EMFSPLOIT.A which causes Explorer to crash. (From the vulnerability details I was expecting worse, but…. remember this will likely be refined as the days go on – we’re at 2 days since the announcement.)

It sounds like the Symantec false positive affects almost all EMF files, but most particularly those generated by Excel.

Related Posts

Blog Traffic Exchange Related Posts
  • WMF exploit virus detection revisited Yesterday, when I was testing the WMF exploit against a Windows 98 virtual machine, I sent samples through virus total and the only antivirus product to detect each of them was "TheHacker" from hacksoft. This evening I was revisiting the exploit (with the new rule for metasploit) and saved 20......
  • Internet Explorer zero-day exploit? The folks over at The Sans Institute (Incidents.org) are reporting on a possible zero-day ( 0-day ) exploit against Microsoft Internet Explorer. (A zero day exploit is the name given to an exploit of a previously unknown vulnerability.) Their analysis essentially had the machine they were using go to 100%......
  • WMF exploit and Windows 98 Most of the talk on the WMF zero-day has centered on Windows XP, 2000 and 2003. The unofficial patch is available for those three platforms. Microsoft's (eventual) patch will likely be for those as well. Incidents.org had a comment in one of their posts that this would be a "watershed......
Blog Traffic Exchange Related Websites
  • Shopping Fun Facts - The Day After Thanksgiving Black Friday - is the name given to the busy shopping day the Friday after Thanksgiving. This term, which began in the mid 1970s, most likely refers to retailers’ sales moving from the red into the black (making a profit). Not the busiest shopping day?! The day after Thanksgiving is......
  • How To Remove Vista Internet Security 2011 Virus You may be the latest victim of Vista Internet Security 2011. This name-changing virus has the different version, but no matter what version you have, the issues are the equivalent. The cyberpunks who formulated this virus were quite professional to make the program dynamically change its name according to windows......
  • Spyware: The New Annoying Threat A friend called me one day, frustrated out of his mind that his computer was acting very strange.  When he opened his Internet Explorer, it sent him to a strange site and pop-up windows kept covering his screen.  He even complained about the performance of his Intel Pentium 4 computer......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site