Maker tech hub — AI · 3D print · Pi · ESP32 · plus the classic tech archive.

Free ESP32 kit · Books · Network Ninja · Archive

Classic tech archive. From the original averyjparker.com tech blog — historical context; pair with modern guides where noted. Full archive · Maker projects · Network Ninja

Classic tip · Windows

MS05-053 Microsoft Windows Image Viewing Vulnerability

Two notes on the Windows vulnerability patched day before yesterday. There is a trojan in the wild exploiting it and Symantec's AV definition to detect such an exploit is a bit too paranoid and flags…

Written by

Avery J. Parker

IT veteran, maker educator, and author of Network Ninja, 3D Printing Mastery, and AI Workflow Mastery. Business IT: Diversified Tech Solutions.

Two notes on the Windows vulnerability patched day before yesterday. There is a trojan in the wild exploiting it and Symantec's AV definition to detect such an exploit is a bit too paranoid and flags lot's of emf files as having an exploit for the same. The workaround is to disable emf files from virus scans.


Trendmicro apparently has discovered the trojan, TROJ_EMFSPLOIT.A which causes Explorer to crash. (From the vulnerability details I was expecting worse, but.... remember this will likely be refined as the days go on - we're at 2 days since the announcement.)

It sounds like the Symantec false positive affects almost all EMF files, but most particularly those generated by Excel.