Another workaround for the 0-day WMF Exploit



I notice that the Sunbelt Blog has some instructions up for blocking the zero-day Windows Meta File (WMF) exploit with their newly acquired kerio firewall. (Free or full version.) Either version can use an add-on rule from bleeding-edge snort (intrusion detection signatures…) Instructions in the link above on how to implement the rule addition.

Related Posts

Blog Traffic Exchange Related Posts
  • WMF exploit virus detection revisited Yesterday, when I was testing the WMF exploit against a Windows 98 virtual machine, I sent samples through virus total and the only antivirus product to detect each of them was "TheHacker" from hacksoft. This evening I was revisiting the exploit (with the new rule for metasploit) and saved 20......
  • Microsoft Updates for October and bugs on the loose Well, it's been a bit since a post here, but if you haven't already patch your systems with Microsoft update, as new updates were released yesterday. Incidents.org is reporting rumors of bugs in the wild. Everyone KNOWS the window between vulnerability and exploit is getting shorter and shorter, so if......
  • More testing on the second WMF exploit After my Windows 98 tests which failed to exploit the system with either the first or the second vulnerability, I started wondering how well the antivirus companies were doing in detecting this second exploit variation. I had setup and updated metasploit so I could test my Windows 98 SE install......
Blog Traffic Exchange Related Websites
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

One Response to “Another workaround for the 0-day WMF Exploit”

  1. Spyware Informer Says:


    The Zero-Day Exploit

    The new WMF exploit been all over the news lately. Why shouldn’t it be? It’s a huge security risk! How so? For one, it exploits a feature that almost every Windows PC has: a graphics rendering engine. I’m sure that many of you know what this is and …


Switch to our mobile site