WMF exploit and Windows 98



Most of the talk on the WMF zero-day has centered on Windows XP, 2000 and 2003. The unofficial patch is available for those three platforms. Microsoft’s (eventual) patch will likely be for those as well. Incidents.org had a comment in one of their posts that this would be a “watershed moment” for Windows 98/ME and that those users should upgrade immediately as there is little/no hope for a patch.


Unregistering the dll doesn’t work for Win98 (SE). Although the vulnerability technicically exists on Win98 and ME, I’ve not seen as easy infection on 98 as I did in XP. I loaded up a Windows 98 SE image and opened explorer to one of the sites serving up the exploit. After the page loaded a popup opened that said… “File download” and went on to say the file name was xpl.wmf type was a WMF file and it was from 85.255.113.242 – there was a warning that this type of file could harm your computer if it contains malicious code. I’m then prompted to open or save or cancel or get more info….

All this is with IE 6 SP1 on Windows 98 SE. At least it prompts. Being the curious sort…. I saved it to the desktop and then chose to open it. I was greeted with the following…. “Open with” “Click the program you want to use to open the file xpl.wmf if the program you want is not in the list click other…” so, Win98SE in this (default) install doesn’t seem capable of being infected so easily. This doesn’t mean that it’s not vulnerable per se, but the most common exploit doesn’t seem to be effective. (Would an exploit masquerading as a jpg infect the system? I’m not certain.) Would ME be affected? Possibly, I don’t have a Windows ME image to test though.

A quick look at my stats shows that just under 2% of this site’s visitors running some form of Windows, run Windows 98 (91.27% windows xp, 5.67% win2k) I suspect that windows 98 isn’t as tempting a target. That does not mean that it’s safe and certainly Windows 98 users should be considering upgrade options. Vista will be coming soon and so, your options are likely upgrade soon to Windows XP or aim towards Vista. It’s probable at this point, either would require hardware upgrades/replacements.

BTW, the same file, scanned with clamav is detected as Exploit.WMF.A

Related Posts

Blog Traffic Exchange Related Posts
  • Cleaning up after WMF Exploit - summary Can I say enough times that after a bad trojan infestation you should format and reinstall? I've cleaned up the infested image that I "sacrificed" to the WMF exploit and as I've said you're pestware install will likely be somewhat different. An exploit is just the road, the spyware and......
  • WMF exploit testing on Windows 98 I had hoped to get in another test of Windows 98 with yet another WMF viewer (tried Kodak imaging, and irfanview). So far I haven't seen a way that the WMF exploits can work on Windows 98 SE. I'm running out of time before I have to run to some......
  • Windows 98 and the WMF exploit I've seen breathless headlines that say "Windows PCs face 'huge' virus threat; Affects every MICROSOFT OS shipped since 1990..." and really would like to try to clarify (again) what the situation is. Yes, the bug or vulnerability that's currently being exploited exists as far back as Windows 3.0, but as......
Blog Traffic Exchange Related Websites
  • India's First Dental Stem Cell Bank is Now Open Image via Wikipedia The first-ever dental stem cell bank in India called "Store your Cells" has now been launched. This unique bank is the venture of started by dentists at Dhruv Polyclinic, Mumbai. The venture was formed under the guidance of Dr. Kedar Gadgil, who is a successful implant......
  • SAINT 7.9 Product Release From Saint Newletter: Key New Features in SAINT 7.9 Vulnerability Scanner Microsoft Patch Tuesday scan policy - This scan policy checks for the latest published Microsoft Patch Tuesday vulnerabilities (2nd Tuesday of each month) New Vulnerability Check Type Coverage now includes - Blind SQL injection Flash application - Flash application......
  • Athlete Profiles: Pete Sampras Pete Sampras was born in 1971 and grew up in the Washington DC area of the United States. He is considered to be one of the most gifted male players in the sport and has one numerous titles, medals and cups throughout his long and illustrious career. Although he is......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site