Computer Tips -Tech Info

Tag: WMF

More WMF problems for Windows

I can’t really say I’m surprised, after the big WMF vulnerability of the last couple weeks, I suspected we’d see closer scrutiny of other WMF “vectors”…. but….. The SecurityFix is one of the outlets, that have been reporting on another WMF vulnerability. According to the analysis so far, it can “only” cause a Denial of Service (DoS), not remote code execution. Hopefully, that’s as far as this vulnerability will allow external attackers to mess with a system. *(Basically the DoS could freeze/crash “cause to exit unexpectedly” the program used to view WMF’s)

(more…)

January 10, 2006
Windows 98 WMF patch

This hopefully will be my last post on the whole WMF exploit stuff…. It’s prompted in part by a comment on one of the articles on Windows 98 and the vulnerability. I realized that I hadn’t really brought things to a full conclusion for the Windows 98 users. Of course, Microsoft has released an official patch for Windows 2000 and XP and 2003, the sky is no longer falling quite as quickly and all is well right? Well, not exactly for pre-2000 Windows users. They’ve just been told, they have a vulnerability, it’s not as critical as it is for XP/2000/2003 and if it were critical – “oh we’d fix it there too”, but it’s not, better luck next time (and who knows the same vulnerability could come around more critical for earlier Windows versions next time…) Anyway, there IS a patch for Windows 98 systems.

(more…)

January 6, 2006
Windows more secure than Linux?

For the last week, I’ve seen various headlines referring to a report from US-CERT that indicated 2005 had 5,198 security flaws reported. Out of those 2,328 were reported for Linux/Unix, 812 for Windows and 2,058 affecting more than one operating system. Now, I’m seeing all sorts of headlines about how Windows is more secure than Linux based on this report. (?!?) Did anyone reporting “windows more secure than linux/unix” actually read the report, look at some of the details and compare with the Technical Cyber Security Alerts?

(more…)

January 5, 2006
Microsoft Patch Tuesday January

Sounds like this patch Tuesday will have a couple of updates in spite of the early release of the WMF vulnerability fix. Thanks to Microsoft for yielding that fix as soon as the testing was done. I would hope that it wasn’t just public pressure, but a sense of what the right thing to do is when there are exploits actively targeting a vulnerability.

(more…)

January 5, 2006
Microsoft releases patch early for WMF exploit

Microsoft has released the patch for the WMF vulnerability that’s been all over the news early. It was released to http://windowsupdate.microsoft.com ahead of the previously announced January 10th “patch Tuesday”.

Congrats to Microsoft for getting this out the door early. That should go a long ways to blunting the attacks that are making use of this vulnerability.

(more…)

January 5, 2006
WMF vulnerability advisory update

Microsoft has updated their security bulletin on the WMF vulnerability to note a couple things. One, they acknowledge that embedded images within a document can trigger the exploit. Previously they said this needed further investigation. Second, they are seconding what I’ve been finding that Windows 98 and other pre-XP systems are not as critically at risk for this vulnerability….

(more…)

January 5, 2006
Another update to exploit?

I didn’t see this reported anywhere, but since yesterday when there was an update to the metasploit module for the WMF vulnerability I think there’s been yet another update. I read yesterday that it had been updated and could evade all known IDS signatures. I downloaded the update to continue my Win98 testing. Then today found that there was another update. I haven’t compared the old/new versions but can’t help but wonder if this means more scrambling of antivirus writers for new signatures to keep up.

(more…)

January 5, 2006
The press covering the WMF bug

It’s always a strange mix between comedy and frustration to see the main media outlets cover a tech news item. I usually wince and brace myself when I see any tv news outlet take on a computer issue and likewise when I read newspapers and non-tech publications take on anything of the sort. It’s kind of like movies that use extremely fake computers. Sometimes I think it’s because they’re trying to simplify things for the average viewer, but I usually find that approach somewhat condescending because I don’t think grown adults should be treated like little kids. Anyway, I digress… the coverage of this WMF exploit has been, well, interesting. There was…

(more…)

January 5, 2006
Too little time…

I’ve just been back at appointments what – 2 days? And already I’ve got a ton of issues to detail. I usually don’t get into details of everything I run into because many times it’s rather tedious issues, memory install, fill in the blank virus removal for the nth time, etc. However I’ve already run across a few unique things that have taken some searching. One is still unresolved (time constraint.) That will get a revisit in the near future.

(more…)

January 5, 2006
Windows 98 and WMF exploit posts

Since there’s some interest…. here is a listing of all posts related to the WMF exploit and Windows 98 that have come out in the last week.

http://www.averyjparker.com/2006/01/04/lack-of-working-exploit-does-not-mean-windows-98-is-safe/

http://www.averyjparker.com/2006/01/03/wmf-exploit-vs-windows-98-again/

http://www.averyjparker.com/2006/01/03/wmf-exploit-testing-on-windows-98/

http://www.averyjparker.com/2006/01/02/windows-98-and-the-wmf-exploit/

http://www.averyjparker.com/2006/01/01/version-2-of-the-wmv-exploit-vs-windows-98-se/

http://www.averyjparker.com/2006/01/01/more-wmf-exploit-testing-on-windows-98/

http://www.averyjparker.com/2006/01/01/wmf-exploit-and-windows-98/

January 4, 2006