Third Party WMF patch



The F-secure blog is reporting on a third party patch for the WMF exploit. I have not tested it, it seems to come from a knowledgable source though. As I’m writing this though, the thought strikes me that a really nasty trick would be a claimed fix that actually exploited the vulnerability. It pays to check up on the source of ANY third-party fix for Windows (or any other operating system or software suite…) Anyway, this seems to be a good source though. He’s the primary author of IDA Pro (Interactive Disassembler Pro).


For someone htat’s REALLY anxious for a fix other than the unregister workaround this looks like a good option. He describes it in the blog post linked to above. It basically is a dll that hooks into user32.dll and disables the SETABORT escape sequence in gdi32.dll

His fix is currently available only for Windows XP SP2 (64-bit as well) it will have an entry in add/remove programs. He suggests to remove it 1) if you have any problems with it and 2) when Microsoft patches the bug. In other words, when MS patches the problem uninstall this and install their patch.

It does not cause the problems with image browsing that the registry workaround does. He’s also asking for input on any experience with the patch (i.e. does this break anything?) The expected disclaimers for this apply…. (no responsibility for system breakage – read and decide for yourself if you want to try this.)

Related Posts

Blog Traffic Exchange Related Posts
  • Another Win98 patch for WMF vulnerability There's another patch for those Win98 users that are nervous about the WMF vulnerability that was announced at the tail end of the year. This site has made the patched version of gdi32.dll available to any and all. Their patch is open source. They basically say "it works for them..."......
  • More on the Windows WMF zero-day exploit There seems to be quite a bit developing on the Windows Meta File (WMF) zero-day (0-day) exploit which was first reported yesterday. Sans has raised their alert level to yellow in an effort to get attention to this problem. It looks like the original site serving the exploit is down,......
  • More WMF exploit testing on Windows 98 I've spent some more effort on trying to infect Windows 98 SE in a virtual machine with some of the exploit samples I can find. The first attempt was at a website with the .wmf download. No luck infecting the system there. Then, I've loaded up the image and visited......
Blog Traffic Exchange Related Websites
  • Spyware: The New Annoying Threat A friend called me one day, frustrated out of his mind that his computer was acting very strange.  When he opened his Internet Explorer, it sent him to a strange site and pop-up windows kept covering his screen.  He even complained about the performance of his Intel Pentium 4 computer......
  • New Trusts, Will they Help? One of the worries that plagues many Americans is the issue of wills and estate planning. Many vehicles exist for handling an estate in the case of a death, most of them applying in particular or exacting ways. However, there is a new vehicle in play that can provide unmatched......
  • Corporate Blog Security Issues If you are planning on starting your own corporate blog or executive blog, or if you already have a corporate blog that you are writing in, then one of your greatest concerns should be corporate blog security issues. There are a variety of different corporate blogging security issues that you......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site