Windows WMF Security Flaw

Microsoft is dragging their heels on this one. There's a third party patch that takes care of the flaw now and it has been vetted by a number of sources.
This is a big problem. More information here: http://isc.sans.org/index_cached.php
* Why is this issue so important?
The WMF vulnerability uses images (WMF images) to execute arbitrary code. It will execute just by viewing the image. In most cases, you don't have click anything. Even images stored on your system may cause the exploit to be triggered if it is indexed by some indexing software. Viewing a directory in Explorer with 'Icon size' images will cause the exploit to be triggered as well. Microsoft announced that an official patch will not be available before January 10th 2006 (next regular update cycle).
I just installed the patch, but make up your minds for yourselves.
R
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
not really one for this board
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
RicodJour wrote:

Not really home repair and I personally would be more than a little concerned about a patch from anyone other than Microsoft and then I am picky about being sure it is really Microsoft.
--
Joseph Meehan

Dia duit
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Joseph Meehan wrote:

I'm aware that it is off topic for a home repair newsgroup, but since most people on this newsgroup use computers - and I actually happen to like you guys - I thought you'd let this one slide.
I'm with you on the Microsoft fixing Microsoft products, but when they're waiting until the next scheduled patch release for a major flaw that is already being exploited, that's just stupid. That SANS site is a good one. Poke around in there - you might be surprised to see that some of the freeware antivirus programs are quicker to respond to published vulnerabilities than McAfee and Symantec.
Anyway, do as you see fit, and I promise not to start hawking widgets and spamming in here.
R
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
I read about it in Money Magazine and it does indeed put everyone's computer at risk with all versions of Windoze. Should probably be put on every NG. Thanks for bringing to our attention.
Bob

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
I did see a reference to it and what the fix does. I get very suspicious of claimed fixes that are not verified from a know source. In this case the "patch" appears to only do a registry change which is a user setting anyway. It just eliminates what program automatically is opened to display certain types of files over the internet. As it turns out, that setting has already been changed for me for other reasons.
I don't recommend anyone jump on a fix when they don't know 100% that the fix is not a hoax and will cause problems.
--
Joseph Meehan

Dia duit
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Site Timeline

HomeOwnersHub.com is a website for homeowners and building and maintenance pros. It is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.