I can’t really say I’m surprised. After the big WMF vulnerability of the last couple of weeks, I suspected we’d see closer scrutiny of other WMF “vectors”… but… The SecurityFix is one of the outlets that have been reporting on another WMF vulnerability. According to the analysis so far, it can “only” cause a Denial of Service (DoS), not remote code execution. Hopefully, that’s as far as this vulnerability will allow external attackers to mess with a system. (Basically, the DoS could freeze or crash, i.e. “cause to exit unexpectedly”, the program used to view WMFs.)
Category: Windows
-
Windows 98 WMF patch
This hopefully will be my last post on the whole WMF exploit stuff… It’s prompted in part by a comment on one of the articles on Windows 98 and the vulnerability. I realized that I hadn’t really brought things to a full conclusion for the Windows 98 users. Of course, Microsoft has released an official patch for Windows 2000 and XP and 2003, the sky is no longer falling quite as quickly and all is well, right? Well, not exactly for pre-2000 Windows users. They’ve just been told they have a vulnerability, it’s not as critical as it is for XP/2000/2003, and if it were critical – “oh we’d fix it there too”, but it’s not, better luck next time (and who knows, the same vulnerability could come around more critical for earlier Windows versions next time…). Anyway, there IS a patch for Windows 98 systems.
-
Microsoft Patch Tuesday January
Sounds like this Patch Tuesday will have a couple of updates in spite of the early release of the WMF vulnerability fix. Thanks to Microsoft for yielding that fix as soon as the testing was done. I would hope that it wasn’t just public pressure, but a sense of what the right thing to do is when there are exploits actively targeting a vulnerability.
-
Microsoft releases patch early for WMF exploit
Microsoft has released, early, the patch for the WMF vulnerability that’s been all over the news. It was released to http://windowsupdate.microsoft.com ahead of the previously announced January 10th “Patch Tuesday”.
Congrats to Microsoft for getting this out the door early. That should go a long way to blunting the attacks that are making use of this vulnerability.
-
Disable or turn off hotkeys under Windows XP
Since this is a simple tip, I’m including it in the basics category. I ran across a PC with a Dell Multimedia Keyboard and they wanted to disable the hotkeys (the sound mixer was always popping up because the key was in the way). Anyway, on older systems, there would be a standalone program running to monitor the extra keys from the keyboard (calculator, email, web shortcut keys as well as sound control keys).
-
WMF vulnerability advisory update
Microsoft has updated their security bulletin on the WMF vulnerability to note a couple of things. One, they acknowledge that embedded images within a document can trigger the exploit. Previously they said this needed further investigation. Second, they are seconding what I’ve been finding: that Windows 98 and other pre-XP systems are not as critically at risk for this vulnerability…
-
Microsoft OneCare and another unofficial patch
Brian Krebs at the SecurityFix today has questions about Microsoft OneCare. In fact, with Microsoft saying that OneCare is “more than just antivirus” you wonder whether that’s just marketing speak, or if that’s really the case… He speculates about OneCare doing the registry patch that was a recommended workaround and a few other things related to OneCare.
-
Windows Desktop Search
I got a first look at Windows Desktop Search today (bundled with MSN Search Toolbar?). I was told that it was new on the system and had not been used. The system’s owner didn’t know when it was installed and thought it must have been installed when he did a Windows Update. It looks like the MSN Search Toolbar adds tabbed browsing to Internet Explorer. I’m a bit suspicious of ANY software that the system owner is unsure of how it got to be installed on the system.
-
Big block of blank space in Add/Remove Programs
This isn’t an earth-shattering issue, but as I was looking into some other problems on a Windows XP Pro system, I noticed a HUGE blank space in the Add/Remove Programs area of the Control Panel. It was something like this: there were several entries (10 maybe) and then a huge block of blank space perhaps hundreds of “pages” long. I scrolled a bit with the mouse wheel and was not making quick progress, so I just grabbed the scroll bar and pulled down to see the next 30-40 entries.
-
Windows 98 and WMF exploit posts
Since there’s some interest… here is a listing of all posts related to the WMF exploit and Windows 98 that have come out in the last week.
http://www.averyjparker.com/2006/01/04/lack-of-working-exploit-does-not-mean-windows-98-is-safe/
http://www.averyjparker.com/2006/01/03/wmf-exploit-vs-windows-98-again/
http://www.averyjparker.com/2006/01/03/wmf-exploit-testing-on-windows-98/
http://www.averyjparker.com/2006/01/02/windows-98-and-the-wmf-exploit/
http://www.averyjparker.com/2006/01/01/version-2-of-the-wmv-exploit-vs-windows-98-se/
http://www.averyjparker.com/2006/01/01/more-wmf-exploit-testing-on-windows-98/
http://www.averyjparker.com/2006/01/01/wmf-exploit-and-windows-98/