WMF vulnerability checker



The same person that has given the New Year’s gift of an unofficial patch for the WMF exploit circulating has also provided a WMF vulnerability checker, download and install, it will tell if you’re vulnerable. Post is available here. According to the first comment it seems as though the vulnerability checker is triggering Norton’s auto-protect. (Norton detects it as “Bloodhound.Exploit.56″). (Which is a good sign…)


Ultimately to test if the system is vulnerable it’s trying to exploit the vulnerability (benignly, but as a test.) It’s good to see antivirus detection starting to catch up. I wonder if there would be such success against the second family of exploits on this ?(the ones with varying signatures.)

Related Posts

Blog Traffic Exchange Related Posts
  • Another Win98 patch for WMF vulnerability There's another patch for those Win98 users that are nervous about the WMF vulnerability that was announced at the tail end of the year. This site has made the patched version of gdi32.dll available to any and all. Their patch is open source. They basically say "it works for them..."......
  • New IM worm using WMF vulnerability There is news this morning of a new twist in the WMF vulnerability (it was only a matter of time.) There are reports of an instant messenger worm using the vulnerability to spread. Currently incidents.org is reporting that the worm is spreading through the MSN messenger IM network and contains......
  • NEW exploit for the WMF vulnerability Just when you thought we had a good understanding of the recent zero-day WMF (Windows metafile exploit) it's worse. Sans is reporting on a new variation on the exploit released today. They have gone to yellow (again) to warn people. Here are some details. This exploit was "made by the......
Blog Traffic Exchange Related Websites
  • What is Patch Tuesday? Excellent explanation of Patch Tuesday by TMI Engineering Patch Tuesday is the second Tuesday of each month, the day on which Microsoft releases security patches. Starting with Windows 98, Microsoft included a "Windows Update" system, that would check for patches to Windows and its components which Microsoft would release intermittently. With......
  • US-CERT - Apple Releases Multiple Security Updates Apple Releases Multiple Security Updates Original release date: October 12, 2011 at 4:11 pm Last revised: October 12, 2011 at 4:11 pm Apple has released security updates for Apple iOS, Safari 5.1.1, OS X Lion v10.7.2, iWork 09, and Apple TV 4.4 to address multiple vulnerabilities. Exploitation of these vulnerabilities......
  • Black Hat // Webcast 28 - HTTP Parameter Pollution Vulnerabilities in Web Applications HTTP Parameter Pollution Vulnerabilities in Web Applications // Marco Balduzzi http://links.covertchannel.blackhat.com/ctt?kn=4&m=36625440&r=ODMwMzU3MTg2MAS2&b=2&j=MTAxNjM3NzA1S0&mt=1&rt=0 ----------------------------------- OVERVIEW: While input validation vulnerabilities such as XSS and SQL injection have been intensively studied, a new class of injection vulnerabilities called HTTP Parameter Pollution (HPP) has not received as much attention. HPP attacks consist of injecting encoded......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

One Response to “WMF vulnerability checker”

  1. Spyware Informer Says:


    WMF Vulnerability Checker Ready for Download

    For those of you who don’t want to have to use the workaround for the WMF Exploit, our friends over at HexBlog have a great new fix. Ilfak Guilfanov made the only legitimate patch for the WMF exploit. I highly recommend you apply this patch. It doesn…


Switch to our mobile site