Another update to exploit?
I didn’t see this reported anywhere, but since yesterday when there was an update to the metasploit module for the WMF vulnerability I think there’s been yet another update. I read yesterday that it had been updated and could evade all known IDS signatures. I downloaded the update to continue my Win98 testing. Then today found that there was another update. I haven’t compared the old/new versions but can’t help but wonder if this means more scrambling of antivirus writers for new signatures to keep up.
Spyware Confidential is linking to an update at Larry Seltzer’s blog updating the situation on antivirus scanning for the exploit.
It’s good to see the list current, I was afraid the 12/31 list was giving a bit of overconfidence.
After I read, I tested the new module variation against clamav and must say it performed very well, 100%.
Popularity: 1% [?]
Related Posts - The end for Windows 98 may be a boost to linux? There are articles out about the demise of official Windows 98 and ME support would be a boost to linux uptake. Realistically, I suppose it may, but I personally am not holding my breath. Here's why. 1) The people still running Windows 98/ME are likely doing so because that's what......
- Antivirus scanning update for WMF I hung on to the last batch of 20 wmf exploit samples I had been working with for the purpose of testing my clamantivirus install against them to see when "full detection" of all 20 had been acheived. Last night, with version 1227 of the daily.cvd database, they were still......
- Firefox zero-day vulnerability (or is it?) I saw a comment somewhere else that zero-day was overused and in essense ANY previously unknown vulnerability in open source software is technically zero day... the intent here though is to use the word in this context.... "vulnerability has been released without giving the vendor an opportunity to patch..." Yes,......
Related Websites - Becoming Aware Of The Time Between Blog Updates In most instances not leaving time before a content update is a problem for bloggers. If you start an internet business and your main presence is a blog over and over you will be told that the way to succeed you need to have your blog constantly updated. The problem......
- Microsoft Security Bulletin MS10-046 - Critical Microsoft Security Bulletin MS10-046 - Critical Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198) Published: August 02, 2010 | Updated: August 03, 2010 Version: 1.1 General Information Executive Summary This security update resolves a publicly disclosed vulnerability in Windows Shell. The vulnerability could allow remote code execution if the icon......
- Samurai Alexa Challenge Update I hope all of you read Financial Samurai's post yesterday. I figured since the point of this challenge is to encourage each other and to grow as a group, not just individually, we should be spreading the love around more. I think that if we make the Alexa Rankings Challenge......
Similar Posts
- Antivirus vs. WMF exploit
- Antivirus scanning update for WMF
- Clamantivirus may get support from eEye?
- NEW exploit for the WMF vulnerability
- More testing on the second WMF exploit