Antivirus scanning update for WMF



I hung on to the last batch of 20 wmf exploit samples I had been working with for the purpose of testing my clamantivirus install against them to see when “full detection” of all 20 had been acheived. Last night, with version 1227 of the daily.cvd database, they were still detecting 8 out of the 20. Now, the signatures seem to have improved as with version 1228 of daily.cvd clamav detects all 20 as Exploit.WMF.Gen-3 FOUND


This improves the chances that those using squid with clamav scanning for web browsing have a better chance against it. That’s good news.

The bad news is that there’s been an update to the metasploit module for this exploit since those were created. Unfortunately Clamantivirus is now 0 for 20 with files from the new module. The metasploit update was reported to breeze pass current IDS signatures. Not good.

Related Posts

Blog Traffic Exchange Related Posts
  • More testing on the second WMF exploit After my Windows 98 tests which failed to exploit the system with either the first or the second vulnerability, I started wondering how well the antivirus companies were doing in detecting this second exploit variation. I had setup and updated metasploit so I could test my Windows 98 SE install......
  • Version 2 of the WMF exploit vs Windows 98 SE Ok, I wasn't quite satisfied with the results of the tests against the first version of the WMF (Windows Metafile) zero day exploit that's now up to 4 or 5 days or so... Windows 98 is listed as being vulnerable, but there are no patches or workarounds currently available for......
  • Codeweavers fixes WMF vulnerability in Crossover Office There has been a bugfix release to Crossover Office, released by Codeweavers. Crossover Office is an offshoot of the Wine project, which is a windows compatibility suite for Linux, to allow Windows applications to run under modern Linux operating systems. It was found recently that wine suffered from the WMF......
Blog Traffic Exchange Related Websites
  • These Wordpress Plugins May help Wordpress Plugins You May Need Image by teddy-rised via Flickr I have been asked many different times from new bloggers what plugins they should use. I think a big part of it comes down to personal taste.  While there are some essentials many of them are just add-on plugins......
  • 5 Reasons To Say Goodbye To Internet Explorer Microsoft has long championed its own proprietary web browser, Internet Explorer. Internet Explorer 7.0 proves to be the current browser version promoted by the operating system behemoth. This comes installed on every computer that operates on the Windows Vista or Windows 7 operating systems. Although this Internet Explorer is the......
  • The Complete Yachtmaster: Sailing, Seamanship, and Navigation for the Modern Yacht Skipper by Tom Cunliffe This week I am posting the book review early as Friday is a holiday. Happy 4th of July all! Although this book was written primarily for the UK market, there is still plenty of great advice for boaters around the world and it can easily be adapted for owners in......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site