WMF vulnerability checker



The same person that has given the New Year’s gift of an unofficial patch for the WMF exploit circulating has also provided a WMF vulnerability checker, download and install, it will tell if you’re vulnerable. Post is available here. According to the first comment it seems as though the vulnerability checker is triggering Norton’s auto-protect. (Norton detects it as “Bloodhound.Exploit.56″). (Which is a good sign…)


Ultimately to test if the system is vulnerable it’s trying to exploit the vulnerability (benignly, but as a test.) It’s good to see antivirus detection starting to catch up. I wonder if there would be such success against the second family of exploits on this ?(the ones with varying signatures.)

Related Posts

Blog Traffic Exchange Related Posts
  • WMF vulnerability advisory update Microsoft has updated their security bulletin on the WMF vulnerability to note a couple things. One, they acknowledge that embedded images within a document can trigger the exploit. Previously they said this needed further investigation. Second, they are seconding what I've been finding that Windows 98 and other pre-XP systems......
  • Powerpoint zero day This has been a rough quarter for Office vulnerabilities... there seems to be a pattern, Microsoft patch day, then.... zero-day exploit within a week for an Office component. First Word, then Excel and now this month our vulnerable app is Powerpoint. The Security Fix has some coverage and notes the......
  • Lotus Notes WMF vulnerability This is really the same zero-day wmf vulnerability, but there is a twist. It's been found that Lotus Notes v. 6.x and up are vulnerable to the Windows Meta File (WMF) exploit that's making the rounds. Probably not surprising given that there are reports of many vectors of attack, not......
Blog Traffic Exchange Related Websites
  • A Strong Week in Tennis for Champion Players This week, there were a few different kinds of games going on throughout the world. These different matches pitted some of the top ranked players in the world against one another to be able to earn the title. While these smaller tournaments might be dwarfed in the shadow of the......
  • Database Security with Application Security, Inc. Database Security and Compliance Efforts Start with a Scan Manually assessing the security posture of a database is a complex task that requires expertise and significant resources. Manually measuring and demonstrating compliance with industry and government regulations is even more difficult, but by equipping your staff with AppDetectiveProâ„¢, you will......
  • Black Hat // Webcast 28 - HTTP Parameter Pollution Vulnerabilities in Web Applications HTTP Parameter Pollution Vulnerabilities in Web Applications // Marco Balduzzi http://links.covertchannel.blackhat.com/ctt?kn=4&m=36625440&r=ODMwMzU3MTg2MAS2&b=2&j=MTAxNjM3NzA1S0&mt=1&rt=0 ----------------------------------- OVERVIEW: While input validation vulnerabilities such as XSS and SQL injection have been intensively studied, a new class of injection vulnerabilities called HTTP Parameter Pollution (HPP) has not received as much attention. HPP attacks consist of injecting encoded......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

One Response to “WMF vulnerability checker”

  1. Spyware Informer Says:


    WMF Vulnerability Checker Ready for Download

    For those of you who don’t want to have to use the workaround for the WMF Exploit, our friends over at HexBlog have a great new fix. Ilfak Guilfanov made the only legitimate patch for the WMF exploit. I highly recommend you apply this patch. It doesn…


Switch to our mobile site