Another update to exploit?

Thursday, January 5th, 2006

I didn’t see this reported anywhere, but since yesterday when there was an update to the metasploit module for the WMF vulnerability I think there’s been yet another update. I read yesterday that it had been updated and could evade all known IDS signatures. I downloaded the update to continue my Win98 testing. Then today [...]

The press covering the WMF bug

Thursday, January 5th, 2006

It’s always a strange mix between comedy and frustration to see the main media outlets cover a tech news item. I usually wince and brace myself when I see any tv news outlet take on a computer issue and likewise when I read newspapers and non-tech publications take on anything of the sort. It’s kind [...]

Antivirus scanning update for WMF

Wednesday, January 4th, 2006

I hung on to the last batch of 20 wmf exploit samples I had been working with for the purpose of testing my clamantivirus install against them to see when “full detection” of all 20 had been acheived. Last night, with version 1227 of the daily.cvd database, they were still detecting 8 out of the [...]

WMF exploit situation summary…

Sunday, January 1st, 2006

Since there’s been quite a bit of flux the last couple of days I thought I’d try to “reset” the situation and give a general overview of where we stand now with regards to the recent WMF zero-day exploit. 1st there is a vulnerability in the way Windows renders WMF (Windows MetaFile) image files that [...]

NEW exploit for the WMF vulnerability

Saturday, December 31st, 2005

Just when you thought we had a good understanding of the recent zero-day WMF (Windows metafile exploit) it’s worse. Sans is reporting on a new variation on the exploit released today. They have gone to yellow (again) to warn people. Here are some details. This exploit was “made by the folks at metasploit and xfocus, [...]


Switch to our mobile site