Ok – so at least I wasn’t the only one to see Microsoft’s update to the security bulletin as downplaying the threat…. Of course, I don’t expect them to say…. “OH NO>>>> THE INTERNET WILL BE CRASHING AND BURNING…” But acknowledging that it is a very serious threat and there are few ways (outside of […]
I had hoped to get in another test of Windows 98 with yet another WMF viewer (tried Kodak imaging, and irfanview). So far I haven’t seen a way that the WMF exploits can work on Windows 98 SE. I’m running out of time before I have to run to some computer service appointments and maybe […]
The Microsoft security bulletin on the WMF vulnerability has been updated to indicate that Microsoft expects to release an update for the issue in their regular patch release on January 10th. The first couple paragraphs strike me as a bit defensive. Explaining about their immediate mobilization of Incident Response and immediate work on a patch, […]
I had hoped to do an article on metasploit in the not too distant future, but not as early as tonight…. However, I’ve made a couple of references to it in previous posts which, well, it would be nice if I’d already given a bit of information about metasploit in general. For starters, metasploit is […]
There’s been an update to the unofficial patch for the WMF (Windows MetaFile) vulnerability. The main change appears to be some options to allow for quiet installation (unattended) to help administrators in large environments try to roll the patch out in automated login scripts/etc. It can be found here or at the incidents.org site. […]
I mentioned this in my summary yesterday morning as a possible workaround until there are patches for the WMF vulnerability that’s been big news the last week. I notice that incidents.org has mentioned it too as a possibility today. VMware has released VMPLayer as a free way of running premade virtual machines. Send article […]
I’ve seen breathless headlines that say “Windows PCs face ‘huge’ virus threat; Affects every MICROSOFT OS shipped since 1990…” and really would like to try to clarify (again) what the situation is. Yes, the bug or vulnerability that’s currently being exploited exists as far back as Windows 3.0, but as far as I can tell […]
Yesterday, when I was testing the WMF exploit against a Windows 98 virtual machine, I sent samples through virus total and the only antivirus product to detect each of them was “TheHacker” from hacksoft. This evening I was revisiting the exploit (with the new rule for metasploit) and saved 20 samples which I also tested […]
After my Windows 98 tests which failed to exploit the system with either the first or the second vulnerability, I started wondering how well the antivirus companies were doing in detecting this second exploit variation. I had setup and updated metasploit so I could test my Windows 98 SE install against the latest version of […]
Ok, I wasn’t quite satisfied with the results of the tests against the first version of the WMF (Windows Metafile) zero day exploit that’s now up to 4 or 5 days or so… Windows 98 is listed as being vulnerable, but there are no patches or workarounds currently available for Windows 98 users. I was […]
Bookmark this site now by pressing Ctrl+D
