January 6, 200619 yr Quote PsychoBud']Wrong, heklim...ANY browser is susceptible, since what is it is an exploit of the fax and image viewer. What it works out as, is by posting a WMF on a stie that has particular modifications done to it, when it's downloaded as a file "cookie" into the temporary internet folder, and changed to a bmp instead of a WMF (something ALL browsers typically do), it's capable of causing a buffer overflow in the F&IV built into NT2K, NT2K3, ME, and XP which is still automatically associated with such files, even if they haven't actively been clicked by the user (at least according to industry releases regarding the exploit) Personally, though, I haven't managed to get it to RUN any code for me unless the person has accepted the WMF, and actually double-clicked it (LOOKED at in in F&IV), but then again, maybe I haven't been doing it completely correctly (taking full advantage of the exploitable situation) this isnt even a buffer overflow, Windows is handling the WMF files as its supposed to. The image only need to be viewed. A WMF is like a PDF in a way, since it calls upong the Windows Graphics Promitives to draw the image/text how the script tells them to. A built-in feature to Windows handling of the WMF file is allowing for Malicious Hackers to run any code they please. This happens, as I explained before, when the script fails. All you need to do is put 2 and 2 together. Hmm, fail the script, and you can run any code you please.
January 6, 200619 yr Quote heklim']old' date=' dumb, only coons that use internet explorer need to worry about it. now stop spam.[/quote'] i bet you felt dumb when you saw this made it to the news section...
January 6, 200619 yr as of right now, Microsoft has just released a patch, so, its pretty safe to say not many will be getting with with this anymore.
