Skip to comments.
WMF (Windows meta file) exploit
The SANS Institute ^
| January 2, 2005
| Various
Posted on 01/02/2006 5:07:56 AM PST by KeyWest
click here to read article
Navigation: use the links below to view more comments.
first 1-20, 21-40, 41-50 next last
This is from just one of the articles at the link. If you go to some of the anti-virus sites they say they have the problem in hand but SANS disagrees. The info is fairly straight forward.
In essence, if you are using MSIE you are particularly vulnerable. Firefox and Moz give an intermediate step that can protect you if you know about the exploit, but most people do not and will open the "picture".
I have been around since 1998, and post infrequently, but this is a potential major problem. There has been one other post on the problem, but few saw it.
1
posted on
01/02/2006 5:07:56 AM PST
by
KeyWest
To: Admin Moderator
Moderator- OK, did something wrong to get the 404, but the links do work. Help!
2
posted on
01/02/2006 5:11:34 AM PST
by
KeyWest
(Help stamp out taglines!)
To: KeyWest
Foxnews.com had a story about this yesterday, I sent the link to my friends and family.
http://www.foxnews.com/story/0,2933,180244,00.html
You're right, this one is gonna be a major problem until they get a patch issued.
Don't you love MS development strategy? "Get it to market first, then finish programming."
3
posted on
01/02/2006 5:12:17 AM PST
by
wvobiwan
(It's OUR Net! If you don't like it keep your stanky routers off it!)
To: Admin Moderator
OK. I see it was the link to FR that showed up as a 404 and now works.
4
posted on
01/02/2006 5:13:07 AM PST
by
KeyWest
(Help stamp out taglines!)
To: Admin Moderator
Please change the date - it was not a year ago...
As I said, I post infrequently... :)
5
posted on
01/02/2006 5:16:10 AM PST
by
KeyWest
(Help stamp out taglines!)
To: KeyWest
I have been around since 1998, and post infrequently, but this is a potential major problem. Shoot, fella- I know you-- haven't "talked" to you for a while, but you go back farther on this site than I do... you're an Oldtimer.
I have some links handy ( rummaging around old files hastily )...
John's Note:
I tried this-- seems OK on Win 2K:
Here's an update to the unofficial fix posted above. The folks at sans.org have taken the patch apart and modified it to work on WIN2K systems.. It's running on my system with no apparent ill effects. I'll be patching the other computers in the house shortly.
----------------------------------------------------------------------------------------
Subnote: V-lan works fine on my home machines- others I know swear it "hosed my codecs"- so be advised I provide that and other links on a "use with caution" basis.
6
posted on
01/02/2006 5:27:31 AM PST
by
backhoe
(-30-)
To: backhoe; KeyWest
Thanks for the heads up. Once again this proves the worth of Free Republic and its posters.
I wouldn't know sans.org from Adam's housecat.
7
posted on
01/02/2006 5:36:40 AM PST
by
A.Hun
(Democrats suck worse than ice storms.)
To: backhoe; KeyWest
Amazing. This post has been up for almost an hour, and we haven't had anyone post "Free Republic isn't a computer forum, blah, blah, blah..."
8
posted on
01/02/2006 5:53:10 AM PST
by
Born Conservative
(Chronic Positivity: http://www.livejournal.com/users/jsher/)
To: A.Hun
I wouldn't know sans.org from Adam's housecat. My late Mom's favorite variant of that was "wouldn't know him from a load of coal." ( She grew up in coal country )
9
posted on
01/02/2006 5:53:46 AM PST
by
backhoe
(-30-)
To: ShadowAce
10
posted on
01/02/2006 5:54:00 AM PST
by
Born Conservative
(Chronic Positivity: http://www.livejournal.com/users/jsher/)
To: Born Conservative
Amazing. This post has been up for almost an hour, and we haven't had anyone post "Free Republic isn't a computer forum, blah, blah, blah..."Not surprisingly ( since we have so many people from different backgrounds ) some of the best and fastest computer advice I have gotten has been right here.
There are some very good computer forums- Geeks to Go, VirtualDr, and others- but we're pretty durn good, too.
11
posted on
01/02/2006 5:56:51 AM PST
by
backhoe
(-30-)
To: backhoe; KeyWest
Well, thank you both for the background. Not being in IT, it is hard to know who or what to trust. I downloaded the patch with (seemingly) no ill effects.
What is it with mother's sayings? That one is straight from mine's lips! LOL
12
posted on
01/02/2006 6:02:26 AM PST
by
A.Hun
(Democrats suck worse than ice storms.)
To: Born Conservative
This post has been up for almost an hour, and we haven't had anyone post "Free Republic isn't a computer forum They know they'd get their asses handed to them. ;-)
13
posted on
01/02/2006 6:10:13 AM PST
by
an amused spectator
(Bush Runner! The Donkey is after you! Bush Runner! When he catches you, you're through!)
To: A.Hun
Not being in IT, it is hard to know who or what to trust. I downloaded the patch with (seemingly) no ill effects. I'm going to think about it for a while before I do anything with it.
The unofficial patch seems to revolve around the desire to show images whilst Netting. I've de-registered, and I'm only allowing images from the originating site (FireFox). I'm thinking about disallowing images totally, until the official patch comes out, but who knows how long Redmond is going to take.
14
posted on
01/02/2006 6:14:32 AM PST
by
an amused spectator
(Bush Runner! The Donkey is after you! Bush Runner! When he catches you, you're through!)
To: KeyWest
Looks like some EXCELLENT info, KW.
15
posted on
01/02/2006 6:15:24 AM PST
by
an amused spectator
(Bush Runner! The Donkey is after you! Bush Runner! When he catches you, you're through!)
To: wvobiwan
Don't you love MS development strategy? "Get it to market first, then finish programming." I've been in the software development business for over 20 years. Trust me, MS is not the only company that this applies to.
But you are never really "finished programming". And at some point, you have to release or you will never get a product out the door.
If everything released was "finished", wouldn't everything be at version 1.0 - heck, version numbers wouldn't even be necessary.
Is Linux "finshed"? Oracle? etc. etc.
I'm not trying to absolve MS, but I don't hold them up to any higher standard than I would any other company because I've been on the other side of things, and there is NO major piece of software out there that is perfectly written.
But you'd think so if you read the various anti-MS blogs - you find all of the perfect programmers there who never have written code with a bug in their lives. :-)
To: KeyWest
17
posted on
01/02/2006 6:23:36 AM PST
by
satchmodog9
(Most people stand on the tracks and never even hear the train coming)
To: KeyWest
To: KeyWest
Thank you. Fix seems to be running okay.
To: KeyWest
From the linked article: "...Publishing exploit code such as this for an unpatched vulnerability on a holiday weekend is, without any doubt, a totally irresponsible act..."
This struck me as kind of a stupid thing to say. As if the people who distribute these damned things give a crap about whether it is going to deleteriously impact their victims!
That aside, I appreciate the work that was done by these people on a holiday weekend to fight it. I just thought that comment was naive and silly.
20
posted on
01/02/2006 7:22:43 AM PST
by
rlmorel
("Innocence seldom utters outraged shrieks. Guilt does." Whittaker Chambers)
Navigation: use the links below to view more comments.
first 1-20, 21-40, 41-50 next last
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson