Lotus Notes WMF vulnerability



This is really the same zero-day wmf vulnerability, but there is a twist. It’s been found that Lotus Notes v. 6.x and up are vulnerable to the Windows Meta File (WMF) exploit that’s making the rounds. Probably not surprising given that there are reports of many vectors of attack, not JUST the web browser. What makes this one noteworthy is that it is vulnerable EVEN WITH THE regsvr32 WORKAROUND. The only other solution that’s been reported thus far is DEP (Data Execution Protection) with supported DEP hardware.


So, once again, I’m left warning you to be cautious and be suspicious of unsolicited links, images and emails. A patch from Microsoft may be some time off. From what I’ve read some antivirus vendors are not encouraged that it will be a quick fix.

Related Posts

Blog Traffic Exchange Related Posts
  • Microsoft Vista hardware requirements... Microsoft has started releasing details of the hardware requirements for the upcoming release of Vista. It appears there are two categories of requirements. One is a bare minimum for vista, the other is a minimum for Vista Premium. They're calling the specs Vista Capable and Premium Ready... "Capable" systems will......
  • RealVNC 4.1.2 update to patch security vulnerability A few hours back, I updated My first post on the RealVNC 4.1.1 vulnerability and just saw another story that did not specify WHICH variation of VNC was at risk. TightVNC and UltraVNC seem to be immune according to the discoverer of the flaw. And as far as I've seen,......
  • Another Win98 patch for WMF vulnerability There's another patch for those Win98 users that are nervous about the WMF vulnerability that was announced at the tail end of the year. This site has made the patched version of gdi32.dll available to any and all. Their patch is open source. They basically say "it works for them..."......
Blog Traffic Exchange Related Websites
  • Learning to Play the Trombone When a trombone begins to display its power, nothing can stop it. The trombone is an incredible instrument, offering power and beautiful music. There is not much that is as impressive as a group of trombones playing in tune. Trombones have many places in music, including marching band, symphony, concert......
  • Black Hat // Webcast 28 - HTTP Parameter Pollution Vulnerabilities in Web Applications HTTP Parameter Pollution Vulnerabilities in Web Applications // Marco Balduzzi http://links.covertchannel.blackhat.com/ctt?kn=4&m=36625440&r=ODMwMzU3MTg2MAS2&b=2&j=MTAxNjM3NzA1S0&mt=1&rt=0 ----------------------------------- OVERVIEW: While input validation vulnerabilities such as XSS and SQL injection have been intensively studied, a new class of injection vulnerabilities called HTTP Parameter Pollution (HPP) has not received as much attention. HPP attacks consist of injecting encoded......
  • Buying versus Renting A while ago, the New York Times offered an interactive graphic, which allows you to enter all the variables you need to determine whether you come out ahead buying vs renting. You are able to enter the price for the house, rent of a similar house, down payment, interest rate......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site