Another insane windows security hole...

RawAlex · 2006-01-02, 08:48 PM

http://news.ft.com/cms/s/0d644d5e-7b...0779e2340.html

This is the WMF issue that surfaced last week... but now the dumbasses that figured it out published the source code to the hack, so expect to be totally bombarded with bullshit.

This is a bad one too, because it is activated with really no action on your behalf. Just surfing to a website with an infected graphic file is enough to infect your system with no additional action on your behalf.

So surf carefully... There is some risk that corporate websites could become infected in the next few days, making any surfing risky.

Be careful out there.

Alex

Cleo · 2006-01-02, 08:53 PM

I really need to switch to Windows

Toby · 2006-01-02, 08:54 PM

[quote=RawAlexThis is a bad one too, because it is activated with really no action on your behalf.[/QUOTE]Only if you are using IE. If you use Firefox, Mozilla, etc. it generates a dialog box requesting authorization to run.

RawAlex · 2006-01-02, 10:08 PM

Toby, it can be activated by (and not limited to) google desktop or even the file browser on your system (which is IE in a different box) or image preview. So if you happen to save the file to your desktop rather than view it directl, you likely will activate it.

It doesn't take much at all.

Alex

bluemoney · 2006-01-03, 01:40 PM

Think this may help . . http://www.grc.com/sn/notes-020.htm

Ilfak Guilfanov, well known in "reverse engineering" circles for his wildly popular IDA Disassembler, needed a temporary patch for his own system due to the seriousness of the WMF vulnerability.

Useless · 2006-01-03, 03:28 PM

Thanks for the heads-up, Alex. And thanks for the link, bluemoney. I just took the plunge and installed Mr. Guilfanov's temporary hotfix since who the hell knows when Bill Gates' boys will react to this thing. My system rebooted fine and everything seems good, but my bedroom wallpaper is now hideous. Don't know how that happened.

bluemoney · 2006-01-03, 04:44 PM

Quote:

Originally Posted by Useless Warrior

My system rebooted fine and everything seems good, but my bedroom wallpaper is now hideous.

Look on the positive side UW! Now you have the “perfect” background to shoot some content.

Mattinblack · 2006-01-03, 05:03 PM

"The company (Microsoft) could not be reached on Monday for comment."

Sounds about right. Anybody else old enough to remember when this happened before with Postscript files back in the dawn of time?

DJilla · 2006-01-03, 05:35 PM

Quote:

Originally Posted by bluemoney

Think this may help . . http://www.grc.com/sn/notes-020.htm

Ilfak Guilfanov, well known in "reverse engineering" circles for his wildly popular IDA Disassembler, needed a temporary patch for his own system due to the seriousness of the WMF vulnerability.

Was just coming to post this link myself. Patch works perfectly. Anybody that doesn't have GRC link in his/her Favorites file should add it. Security god and a really good guy!

RawAlex · 2006-01-03, 03:55 PM

Don't worry UW, it's just a temporary patch... when you get the real one from MS your walls will once again look like computer generated clouds...

Alex

bluemoney · 2006-01-03, 07:09 PM

I would be remiss if I didn’t mention this link was provided to me on another board from a user named StrangeDay. I don’t know if he or she is a member here, but they do deserve props on this one

2006-01-02, 08:48 PM	#1
RawAlex Took the hint. Join Date: Mar 2003 Posts: 5,597	Another insane windows security hole... http://news.ft.com/cms/s/0d644d5e-7b...0779e2340.html This is the WMF issue that surfaced last week... but now the dumbasses that figured it out published the source code to the hack, so expect to be totally bombarded with bullshit. This is a bad one too, because it is activated with really no action on your behalf. Just surfing to a website with an infected graphic file is enough to infect your system with no additional action on your behalf. So surf carefully... There is some risk that corporate websites could become infected in the next few days, making any surfing risky. Be careful out there. Alex

2006-01-02, 08:53 PM	#2
Cleo Subversive filth of the hedonistic decadent West Join Date: Mar 2003 Location: Southeast Florida Posts: 27,936	I really need to switch to Windows __________________ Free Rides on Uber and Lyft Uber Car: uberTzTerri Lyft Car: TZ896289

2006-01-02, 08:54 PM	#3
Toby Lonewolf Internet Sales Join Date: Mar 2005 Location: Houston Posts: 4,826	[quote=RawAlexThis is a bad one too, because it is activated with really no action on your behalf.[/QUOTE]Only if you are using IE. If you use Firefox, Mozilla, etc. it generates a dialog box requesting authorization to run. __________________ Latex Vixens Babes In Boots Well Heeled Women Dressing For Sex Stocking Vixens

2006-01-03, 01:40 PM	#5
bluemoney Shimmering Silver Head Of Wisdom Looking At Me! Join Date: Sep 2005 Location: Chronic Town Posts: 2,024	Think this may help . . http://www.grc.com/sn/notes-020.htm Ilfak Guilfanov, well known in "reverse engineering" circles for his wildly popular IDA Disassembler, needed a temporary patch for his own system due to the seriousness of the WMF vulnerability. __________________ Milf Porn For The Masses

2006-01-03, 03:28 PM	#6
Useless Certified Nice Person Join Date: Oct 2003 Location: Dirty Undies, NY Posts: 11,268	Thanks for the heads-up, Alex. And thanks for the link, bluemoney. I just took the plunge and installed Mr. Guilfanov's temporary hotfix since who the hell knows when Bill Gates' boys will react to this thing. My system rebooted fine and everything seems good, but my bedroom wallpaper is now hideous. Don't know how that happened. __________________ Click here to purchase a bridge I'm selling.

2006-01-02, 10:08 PM	#4
RawAlex Took the hint. Join Date: Mar 2003 Posts: 5,597	Toby, it can be activated by (and not limited to) google desktop or even the file browser on your system (which is IE in a different box) or image preview. So if you happen to save the file to your desktop rather than view it directl, you likely will activate it. It doesn't take much at all. Alex

2006-01-03, 05:03 PM	#8
Mattinblack Asleep at the switch? I wasn't asleep, I was drunk Join Date: Nov 2005 Location: London UK in a house share with three 28 yr old girls...perv perv Posts: 215	"The company (Microsoft) could not be reached on Monday for comment." Sounds about right. Anybody else old enough to remember when this happened before with Postscript files back in the dawn of time? __________________ Mattinblack - <a href="http://pornlinks.kwikfire.com">PornLinks</a> - <a href="http://strange-attractor.kwikfire.com">Strange Attractor</a> - <a href="pnav.kwikfire.com">PORNavigator</a> - <a href="http://ukescort.kwikfire.com/">Fem Escorts</a> - <a href="http://kwikfire.com/">Hosting</a>

2006-01-03, 03:55 PM	#10
RawAlex Took the hint. Join Date: Mar 2003 Posts: 5,597	Don't worry UW, it's just a temporary patch... when you get the real one from MS your walls will once again look like computer generated clouds... Alex

2006-01-03, 07:09 PM	#11
bluemoney Shimmering Silver Head Of Wisdom Looking At Me! Join Date: Sep 2005 Location: Chronic Town Posts: 2,024	I would be remiss if I didn’t mention this link was provided to me on another board from a user named StrangeDay. I don’t know if he or she is a member here, but they do deserve props on this one __________________ Milf Porn For The Masses