«
»

WMF vulnerability checker



The same person that has given the New Year’s gift of an unofficial patch for the WMF exploit circulating has also provided a WMF vulnerability checker, download and install, it will tell if you’re vulnerable. Post is available here. According to the first comment it seems as though the vulnerability checker is triggering Norton’s auto-protect. (Norton detects it as “Bloodhound.Exploit.56″). (Which is a good sign…)


Ultimately to test if the system is vulnerable it’s trying to exploit the vulnerability (benignly, but as a test.) It’s good to see antivirus detection starting to catch up. I wonder if there would be such success against the second family of exploits on this ?(the ones with varying signatures.)

Popularity: 2% [?]

PDF Download    Send article as PDF   
Blog Traffic Exchange Related Posts
  • Another wolf in sheeps clothing I did an article a while back on "wolves in sheeps clothing" software that poses as security software but will usually turn around and bite you. Sunbeltblog has a post on another fake security center site. Keep an eye peeled for these, information is power in protecting yourself against this......
  • Powerpoint zero day This has been a rough quarter for Office vulnerabilities... there seems to be a pattern, Microsoft patch day, then.... zero-day exploit within a week for an Office component. First Word, then Excel and now this month our vulnerable app is Powerpoint. The Security Fix has some coverage and notes the......
  • Like flypaper for malware.. The diary over at the SANS Institute mentioned an interesting program today. Nepenthes is a program that can simulate a vulnerability so that it can collect samples of malware trying to exploit that vulnerability. They "simulate" a vulnerable system in the sense that on the network it responds to network......
Blog Traffic Exchange Related Websites
  • An Overview Of What Mozy Has To Offer For business owners (and even homeowners) these days, it is important to make use of tools that provide backup services for their digital files. And such a need is what mozy was specifically developed for. Such a program offers great file backup and file storage solutions for both business as......
  • A Strong Week in Tennis for Champion Players This week, there were a few different kinds of games going on throughout the world. These different matches pitted some of the top ranked players in the world against one another to be able to earn the title. While these smaller tournaments might be dwarfed in the shadow of the......
  • Black Hat // Webcast 28 - HTTP Parameter Pollution Vulnerabilities in Web Applications HTTP Parameter Pollution Vulnerabilities in Web Applications // Marco Balduzzi http://links.covertchannel.blackhat.com/ctt?kn=4&m=36625440&r=ODMwMzU3MTg2MAS2&b=2&j=MTAxNjM3NzA1S0&mt=1&rt=0 ----------------------------------- OVERVIEW: While input validation vulnerabilities such as XSS and SQL injection have been intensively studied, a new class of injection vulnerabilities called HTTP Parameter Pollution (HPP) has not received as much attention. HPP attacks consist of injecting encoded......

Similar Posts


This entry was posted on Sunday, January 1st, 2006 at 9:29 pm and is filed under Computers, Security. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.

See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

One Response to “WMF vulnerability checker”

  1. Spyware Informer Says:
    January 2nd, 2006 at 12:51 pm


    WMF Vulnerability Checker Ready for Download

    For those of you who don’t want to have to use the workaround for the WMF Exploit, our friends over at HexBlog have a great new fix. Ilfak Guilfanov made the only legitimate patch for the WMF exploit. I highly recommend you apply this patch. It doesn…

Switch to our mobile site