WMF exploit and Windows 98



Most of the talk on the WMF zero-day has centered on Windows XP, 2000 and 2003. The unofficial patch is available for those three platforms. Microsoft’s (eventual) patch will likely be for those as well. Incidents.org had a comment in one of their posts that this would be a “watershed moment” for Windows 98/ME and that those users should upgrade immediately as there is little/no hope for a patch.


Unregistering the dll doesn’t work for Win98 (SE). Although the vulnerability technicically exists on Win98 and ME, I’ve not seen as easy infection on 98 as I did in XP. I loaded up a Windows 98 SE image and opened explorer to one of the sites serving up the exploit. After the page loaded a popup opened that said… “File download” and went on to say the file name was xpl.wmf type was a WMF file and it was from 85.255.113.242 – there was a warning that this type of file could harm your computer if it contains malicious code. I’m then prompted to open or save or cancel or get more info….

All this is with IE 6 SP1 on Windows 98 SE. At least it prompts. Being the curious sort…. I saved it to the desktop and then chose to open it. I was greeted with the following…. “Open with” “Click the program you want to use to open the file xpl.wmf if the program you want is not in the list click other…” so, Win98SE in this (default) install doesn’t seem capable of being infected so easily. This doesn’t mean that it’s not vulnerable per se, but the most common exploit doesn’t seem to be effective. (Would an exploit masquerading as a jpg infect the system? I’m not certain.) Would ME be affected? Possibly, I don’t have a Windows ME image to test though.

A quick look at my stats shows that just under 2% of this site’s visitors running some form of Windows, run Windows 98 (91.27% windows xp, 5.67% win2k) I suspect that windows 98 isn’t as tempting a target. That does not mean that it’s safe and certainly Windows 98 users should be considering upgrade options. Vista will be coming soon and so, your options are likely upgrade soon to Windows XP or aim towards Vista. It’s probable at this point, either would require hardware upgrades/replacements.

BTW, the same file, scanned with clamav is detected as Exploit.WMF.A

Related Posts

Blog Traffic Exchange Related Posts
  • Version 2 of the WMF exploit vs Windows 98 SE Ok, I wasn't quite satisfied with the results of the tests against the first version of the WMF (Windows Metafile) zero day exploit that's now up to 4 or 5 days or so... Windows 98 is listed as being vulnerable, but there are no patches or workarounds currently available for......
  • WMF exploit situation summary... Since there's been quite a bit of flux the last couple of days I thought I'd try to "reset" the situation and give a general overview of where we stand now with regards to the recent WMF zero-day exploit. 1st there is a vulnerability in the way Windows renders WMF......
  • WMF exploit testing on Windows 98 I had hoped to get in another test of Windows 98 with yet another WMF viewer (tried Kodak imaging, and irfanview). So far I haven't seen a way that the WMF exploits can work on Windows 98 SE. I'm running out of time before I have to run to some......
Blog Traffic Exchange Related Websites
  • Save Money with Free Software. When I started this blog, I developed a sort of split personality. In my real life I'm a software engineer and all around computer geek. But when I sit down to write, or read a financial book or magazine, the finance driven "me" comes out. I never really noticed......
  • Athlete Profiles: Pete Sampras Pete Sampras was born in 1971 and grew up in the Washington DC area of the United States. He is considered to be one of the most gifted male players in the sport and has one numerous titles, medals and cups throughout his long and illustrious career. Although he is......
  • 10 Windows 7 Tips So far, Windows 7 is the bee's knees.  The more I find out, the more I like, which is saying a lot - with operating systems, it's usually the other way around! Here are a few things that make Windows 7 neat.  Big thanks to Tim Sneath for most of......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site