Not our normal news, but important news, in my opinion.

A vulnerability has been discovered in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to an error in the handling of Windows Metafile files (".wmf") containing specially crafted SETABORTPROC "Escape" records. Such records allow an arbitrary user-defined function to be executed when the rendering of a WMF file fails. This can be exploited to execute arbitrary code by tricking a user into opening a malicious ".wmf" file in "Windows Picture and Fax Viewer" or previewing a malicious ".wmf" file in explorer (i.e. opening a folder containing a malicious image file).

The vulnerability can also be exploited automatically when a user visits a malicious web site using Microsoft Internet Explorer.

NOTE: Exploit code is publicly available. This is being exploited in the wild. The vulnerability can also be triggered from explorer if the malicious file has been saved to a folder and renamed to other image file extensions like ".jpg", ".gif", ".tif", and ".png" etc.

Surprisingly, Microsoft has released the patch earlier than they first said, just now in fact. So it's HIGHLY recommended you update your Windows to fix this critical flaw now.

More info on the flaw and patch can be found here:

http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx

I noticed the update... funny shiz, I heard that the patch was gonna be released with the normal patchday on the 10th.

Heh, I first learnt about this in 2004 from this real techy friend. So people must have been using this for ages.

It would have been good if I were actually 1337 haxor enough to use that information.

Isn’t the first fucking time some fucking wmf picture downloaded and auto opened and fucked me over...

I have had it happen like 3 times now.......

Downloading now!

:lmfao:

First post, and I'm gonna use it to say this: if you have a decent virus scanner, this exploit has been fixed for a while. Slashdot posted something about this exploit almost 3 weeks ago, if not longer. One of the links I found while reading up on the exploit led to a site that had a test wmf file (it would launch code to restart your computer (shutdown -r) if it wasn't protected against it). Any modern and up-to-date virus scanner would catch the malicious wmf file and nothing would happen. However, I will say that it is good that M$ is finally releasing an update to fully protect us from this exploit, though.

Also, on side notes, I have read in a single location (so it's a rumor at best) that Linux distributions have had this problem fixed for 2 years now. Also, any OS running Wine is completely open to this exploit as the idiots who wrote Wine implemented the entire WMF API into the application... no limitations included.

PS: if you want a good & detailed description of this old, outdated exploit and the test file I was talking about go here: http://forums.somethingawful.com/showthread.php?threadid=1759903
