Security update for WMF vulnerability - Page 2 - Techist - Tech Forum

Go Back   Techist - Tech Forum > Computer Software > Microsoft Windows and Software
Click Here to Login
Closed Thread
 
Thread Tools Display Modes
 
Old 01-05-2006, 09:42 PM   #11 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default

I dont think this is a big as everyone is making it out to be...
__________________

__________________
Osiris is offline  
Old 01-05-2006, 10:11 PM   #12 (permalink)
Master Techie
 
Join Date: Feb 2004
Posts: 2,172
Send a message via AIM to Win2kpatcher
Default

WMF?
__________________

Win2kpatcher is offline  
Old 01-05-2006, 10:25 PM   #13 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default

WMF vulnerability

Windows Meta File
__________________
Osiris is offline  
Old 01-05-2006, 10:38 PM   #14 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default

Microsoft has yielded to pressure and released a patch for the latest Windows security vulnerability, breaking its regular once-a-month update schedule.

The software giant has issued a software patch for the Windows Meta File (WMF) vulnerability, uncovered on Dec. 27 and confirmed on Dec. 28, that Microsoft had initially planned to release with other software updates and fixes on January 10. The patch, MS06-001, is available here.

Microsoft's decision followed mounting criticism that it was leaving millions of users vulnerable to a growing number of WMF attacks, while experts had advised users to take the unprecedented step of downloading non-Microsoft fixes.

In a statement, Microsoft said it was acting following "strong customer sentiment that the release should be made available as soon as possible."

The u-turn comes after Microsoft earlier this week attempted to sooth concerns and silence critics saying, although the WMF vulnerability was serious and malicious attacks were being attempted by hackers, "Microsoft's intelligence sources indicated that the scope of the attacks are not widespread."

According to Microsoft, the WMF vulnerability only effects machines running Windows 2000 Service Pack 4, XP SP 1 and SP 2, XP Professional x64 Edition, Windows Server 2003 and Server 2003 SP 1 and Windows Server 2003 x64 Edition.

Older versions of Windows - Windows 98, 98 Second Edition and Millennium Edition - are going unpatched. While these version of Windows do contain the affected component, Microsoft said the vulnerability is not critical because an "exploitable attack vector" has not been identified that would justify a critical severity rating. Microsoft will only release updates for "critical" security issues on these dating operating systems.

Users still running on Windows NT and pre SP 4 versions of Windows 2000 also get nothing because these have reached the end of Microsoft's mandated support lifecycles. Instead, Microsoft has advised users to upgrade to later editions of Windows
__________________
Osiris is offline  
Old 01-05-2006, 10:39 PM   #15 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default

Quote:
Originally posted by TheMajor
Yes, just tried to install it, but can't. Don't have SP1a nor SP2. But I have the older patch installed.
This doesnt even affect you anyways....

XP SP 1 and SP 2 <--its only for SP1 and higher
__________________
Osiris is offline  
Old 01-06-2006, 04:27 AM   #16 (permalink)
PowerQuest / Opera
 
TheMajor's Avatar
 
Join Date: Jun 2004
Location: Netherlands
Posts: 10,177
Default

Maybe Microsoft just published this patch to get people to install SP2 as it sends a monthly copy of your registry to Bill's servers
__________________
TheMajorMMX - Intel P200 MMX @ 225Mhz - V-Tech (PcPartner) Baby-AT mb w/ Intel Triton TX chipset - Nvidia Riva TNT2 M64 w/ 16MB - 256MB M-Tec SDRAM - Still running.....
TheMajor is offline  
Old 01-10-2006, 07:41 AM   #17 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default

One week after issuing an emergency patch for a vulnerability in Windows Meta File image processing that opened the door for arbitrary code execution, a new problem has been discovered in the format. But Microsoft has downplayed the concerns, saying the bug only causes "performance issues."

According to a posting to the Bugtraq mailing list, "Windows WMF graphics rendering engine is affected by multiple memory corruption vulnerabilities." The problems involve the ExtCreateRegion and ExtEscape functions.

"Reports indicate that these issues lead to a denial of service condition, however, it is conjectured that arbitrary code execution is possible as well. Any code execution that occurs will be with the privileges of the user viewing a malicious image," says Security Focus.
__________________
Osiris is offline  
Old 01-22-2006, 01:29 AM   #18 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default

Contrary to a recent rumor circulating on the internet, Microsoft did not intentionally back-door the majority of Windows systems by means of the WMF vulnerability. Although it is a serious issue that should be patched straight away, the idea that it's a secret back door is quite preposterous.

The rumor began when popinjay expert Steve Gibson examined an unofficial patch issued by Ilfak Guilfanov, and, due to his lack of security experience, observed behavior that he could not explain by means other than a Microsoft conspiracy. He then went on to speculate publicly about this via a "This Week in Tech" podcast, and on his own web site. Slashdot grabbed the story, and the result is a fair number of Netizens who now mistakenly believe that the WMF flaw was created with malicious intent.

What it is
We think it's time that this irrational fear is put to rest. First, let's look at how the flaw works: A WMF (Windows Metafile) image can trigger the execution of arbitrary code because the rendering engine, shimgvw.dll, supports the SetAbortProc API, which was originally intended as a means to cancel a print task, say when the printer is busy with a very large job, or the queue is very long, or there is a mechanical problem, and so on. Unfortunately, due to a bit of careless coding, it is possible to cause shimgvw.dll (i.e., the Windows Picture and Fax Viewer) to execute code when SetAbortProc is invoked.

a script to play back graphical device interface (GDI) calls when a rendering task is initiated. Unfortunately, and due entirely to Microsoft's carelessness whenever security competes with functionality, it is possible to point the abort procedure to arbitrary code embedded in a metafile.

Gibson could not imagine why WMF rendering should need the SetAbortProc API, since, as he mistakenly believed, WMF outputs to a screen, not a printer. In fact, it can output to a printer as well. But following Gibson's erroneous assumption, the question arose: what would be the point of polling the process and allowing the user, or application, to cancel it?

Having exhausted his imagination on that score, he concluded that there's no good reason for SetAbortProc to be involved in handling metafiles. The more logical explanation, Gibson reckoned, was that someone at Microsoft had deliberately back-doored Windows with this peculiar little stuff-up. And besides, the idea of compromising a computer with an image file seemed quite cloak-and-dagger, adding to the supposed "mystery."
__________________
Osiris is offline  
Old 02-08-2006, 10:04 PM   #19 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default

Microsoft disclosed another Windows Metafile (WMF) vulnerability Tuesday, saying an attacker could execute code as the logged-in user.

The company discovered four ways that the flaw could be exploited, however it stressed the latest flaw is very limited in scope.

Only users of Internet Explorer 5.01 Service Pack 4 on Windows 2000 Service Pack 4 and Internet Explorer 5.5 Service Pack 2 on Windows Millennium are affected by the problem, Microsoft said.

An attacker would be able to exploit the flaw by hosting a specially crafted WMF file on a Web site, convincing a user to open a specially crafted e-mail attachment, convincing a user to click on a link in an e-mail, or by the user viewing specially crafted e-mail in the preview pane of Outlook Express.
__________________

__________________
Osiris is offline  
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off




Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 04:58 AM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.