More WMF problems for Windows



I can’t really say I’m surprised, after the big WMF vulnerability of the last couple weeks, I suspected we’d see closer scrutiny of other WMF “vectors”…. but….. The SecurityFix is one of the outlets, that have been reporting on another WMF vulnerability. According to the analysis so far, it can “only” cause a Denial of Service (DoS), not remote code execution. Hopefully, that’s as far as this vulnerability will allow external attackers to mess with a system. *(Basically the DoS could freeze/crash “cause to exit unexpectedly” the program used to view WMF’s)


Apparently, Microsoft is aware of the problem and tags it as a “performance issue”. Apparently the issues are being evaluated for repair in upcoming service packs. It doesn’t sound like a high priority though given no remote code execution vector at this point.

Related Posts

Blog Traffic Exchange Related Posts
  • WMF 0-day update Last night while I was in the midst of infecting a virtual machine, Microsoft issued a release that there's a "possible vulnerability"... fortunately, their technical document is a bit more straightforward... technet advisory here. Spyware Confidential also has a good roundup on the coverage so far. There's a bit more......
  • How to Remove Win Security 360 | Win Security 360 Removal Guide Win Security 360 is a rogue antivirus application that is promoted through the use of trojans and other malware as well as sites that claim to do malware scans of your computer. Among the things that it will do is schedule itself to run when the system boots and it......
  • Firefox vulnerabilities and 1.5 Release Candidate I know there's been at least one and probably a couple of Mozilla Firefox vulnerabilities announced in the last month or so. There are currently (according to Secunia) 3 unpatched Firefox vulnerabilities. The secunia page for firefox has the details. There are two vulnerabilites for which there is a workaround......
Blog Traffic Exchange Related Websites
  • Microsoft Security Bulletin MS10-046 - Critical Microsoft Security Bulletin MS10-046 - Critical Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198) Published: August 02, 2010 | Updated: August 03, 2010 Version: 1.1 General Information Executive Summary This security update resolves a publicly disclosed vulnerability in Windows Shell. The vulnerability could allow remote code execution if the icon......
  • Spyware: The New Annoying Threat A friend called me one day, frustrated out of his mind that his computer was acting very strange.  When he opened his Internet Explorer, it sent him to a strange site and pop-up windows kept covering his screen.  He even complained about the performance of his Intel Pentium 4 computer......
  • Adobe Zero-Day Strikes Again Maybe Steve Jobs has the right idea about Adobe flash running on its iDevices... Another 0-Day Adobe issue is causing a buzz in the industry, read what Brian Prince of eWeek.com had to say about it... For the second time in nearly a week, Adobe Systems is warning users about......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site