WMF exploit testing on Windows 98
I had hoped to get in another test of Windows 98 with yet another WMF viewer (tried Kodak imaging, and irfanview). So far I haven’t seen a way that the WMF exploits can work on Windows 98 SE. I’m running out of time before I have to run to some computer service appointments and maybe will be able to pick up again this afternoon/evening. Larry Seltzer had a post this morning that earlier versions of Windows might not be as vulnerable because they had no default WMF viewer, but with a default WMF viewer they may be susceptible. I’m still looking for a WMF viewer that makes the exploit possible on Windows 98 SE.
Again, I’ll leave this thread open to comments in case someone else finds a combination that is vulnerable. Previous posts on the issue with WMF and Windows 98 on my site are:
http://www.averyjparker.com/2006/01/02/windows-98-and-the-wmf-exploit/
http://www.averyjparker.com/2006/01/01/version-2-of-the-wmv-exploit-vs-windows-98-se/
http://www.averyjparker.com/2006/01/01/more-wmf-exploit-testing-on-windows-98/
http://www.averyjparker.com/2006/01/01/wmf-exploit-and-windows-98/
Popularity: 1% [?]
Similar Posts
- Windows 98 and WMF exploit posts
- Version 2 of the WMF exploit vs Windows 98 SE
- Windows 98 and the WMF exploit
- WMF exploit vs. Windows 98 again…
- More WMF exploit testing on Windows 98
January 3rd, 2006 at 5:41 pm
The following HTML snippet turns InternetExplorer 5.0 into a WMF viewer; doesn’t work with Mozilla. Only tested with valid WMF files;
January 3rd, 2006 at 5:42 pm
[less than] img src=”file.wmf” alt=”not vulnerable” [greaterthan]
January 4th, 2006 at 4:18 pm
I tested that possibility - it didn’t render, didn’t trigger the exploit. IE treated it like a broken image.