«
»

Another workaround for the 0-day WMF Exploit



I notice that the Sunbelt Blog has some instructions up for blocking the zero-day Windows Meta File (WMF) exploit with their newly acquired kerio firewall. (Free or full version.) Either version can use an add-on rule from bleeding-edge snort (intrusion detection signatures…) Instructions in the link above on how to implement the rule addition.

Popularity: 1% [?]

PDF Printer    Send article as PDF   
Blog Traffic Exchange Related Posts
  • WMF exploit virus detection revisited Yesterday, when I was testing the WMF exploit against a Windows 98 virtual machine, I sent samples through virus total and the only antivirus product to detect each of them was "TheHacker" from hacksoft. This evening I was revisiting the exploit (with the new rule for metasploit) and saved 20......
  • More testing on the second WMF exploit After my Windows 98 tests which failed to exploit the system with either the first or the second vulnerability, I started wondering how well the antivirus companies were doing in detecting this second exploit variation. I had setup and updated metasploit so I could test my Windows 98 SE install......
  • Spyaxe Spytrooper spysherriff et al removal There are so many "wolves in sheeps clothing" or maybe I should say wolves in sheepdogs clothing... Anyway, so many nasty malware's that pose as protective utilities. Spyaxe, spytrooper, spy sherriff, etc. There is a tool that is specialized towards removing these. Smitrem which is short for smitfraud removal. (After......
Blog Traffic Exchange Related Websites
  • How to Get Blog Readers Many people start blogging and just assume their blog will have readers. They don't promote much, just with a few social networking and bookmarking sites, and maybe with a few comments in forums. They just assume that if their content is interesting, people will come to their blog. Those blogs......
  • Google Loves You: 10 Top Tips for a Google-Friendly Website Many small businesses believe good Google listings are beyond them. This simply isn’t true. Find out how to be able to say “Google Loves You” and your website. 1. Domain Name Choose a domain name that contains two or three keywords that are the most important keywords for your......
  • [GIVEAWAY] “So Many Shoes, So Little Money” -- Finance Book for Shopaholics HLR reviewed "So Many Shoes, So Little Money" a few weeks ago. At the end of the review, she gave her thoughts and recommendations: It’s crucial for everyone to have at least a basic understanding of personal finance. It is usually not taught in school. Children often do not learn......

Similar Posts


This entry was posted on Thursday, December 29th, 2005 at 4:26 pm and is filed under Computers, Security, Spyware, Tech Support, Viruses, Windows. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.

See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

One Response to “Another workaround for the 0-day WMF Exploit”

  1. Spyware Informer Says:
    December 30th, 2005 at 9:14 pm


    The Zero-Day Exploit

    The new WMF exploit been all over the news lately. Why shouldn’t it be? It’s a huge security risk! How so? For one, it exploits a feature that almost every Windows PC has: a graphics rendering engine. I’m sure that many of you know what this is and …

Switch to our mobile site