More WMF problems for Windows



I can’t really say I’m surprised, after the big WMF vulnerability of the last couple weeks, I suspected we’d see closer scrutiny of other WMF “vectors”…. but….. The SecurityFix is one of the outlets, that have been reporting on another WMF vulnerability. According to the analysis so far, it can “only” cause a Denial of Service (DoS), not remote code execution. Hopefully, that’s as far as this vulnerability will allow external attackers to mess with a system. *(Basically the DoS could freeze/crash “cause to exit unexpectedly” the program used to view WMF’s)


Apparently, Microsoft is aware of the problem and tags it as a “performance issue”. Apparently the issues are being evaluated for repair in upcoming service packs. It doesn’t sound like a high priority though given no remote code execution vector at this point.

Related Posts

Blog Traffic Exchange Related Posts
  • Firefox zero-day vulnerability (or is it?) I saw a comment somewhere else that zero-day was overused and in essense ANY previously unknown vulnerability in open source software is technically zero day... the intent here though is to use the word in this context.... "vulnerability has been released without giving the vendor an opportunity to patch..." Yes,......
  • DoS Exploit for MS-053 Incidents.org has the story on an "in the wild" exploit for MS-053 vulnerability. The patch is out, so if you haven't already - go ahead with the patching. The vulnerability is entitled "Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424)". The exploit causes 100% cpu utilitzation on visiting......
  • Firefox vulnerabilities and 1.5 Release Candidate I know there's been at least one and probably a couple of Mozilla Firefox vulnerabilities announced in the last month or so. There are currently (according to Secunia) 3 unpatched Firefox vulnerabilities. The secunia page for firefox has the details. There are two vulnerabilites for which there is a workaround......
Blog Traffic Exchange Related Websites
  • Windows Help Center Application Pose Grave Threat to Windows XP/Server 2003 "A new vulnerability has been reported to the general public this morning via the “Full-Disclosure” mailing list, and it is quite troubling", stated by Jonathan Davis, an IT Security Consultant in the Washington DC metro area.  He further stated, "There is a vulnerability that exists in the Windows help center......
  • Tips for Fire Safety If you want to practice good fire safety, then you are going to need to have a plan in place. If your home or workshop should ever happen to catch fire, you are not going to have much time with which to escape. Smoke fumes are capable of incapacitating a......
  • Adobe Zero-Day Strikes Again Maybe Steve Jobs has the right idea about Adobe flash running on its iDevices... Another 0-Day Adobe issue is causing a buzz in the industry, read what Brian Prince of eWeek.com had to say about it... For the second time in nearly a week, Adobe Systems is warning users about......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site