Published: 2006-01-09,
Last Updated: 2006-01-09 18:27:08 UTC by William Salusky (Version: 1)
We had hoped the chapter on WMF exploits had finally been closed, pending the patching of countless millions of vulnerable workstations of course. However, today we were forwarded a Bugtraq disclosure of two additional functions vulnerable to memory corruption attack within the Microsoft graphics rendering engine. The flaw reportedly affects the 'ExtCreateRegion' and 'ExtEscape' functions and while there has been no current proof of concept exploit/DoS code publicly released we will be watching this issue closely.
http://www.incidents.org/diary.php?storyid=1031
 | Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years. Thanks, CNET Support |
General discussion
NEWS - January 9, 2006
By Tom Espiner, ZDNet (UK)
Published on ZDNet News: January 9, 2006, 11:57 AM PT
Internet service providers were urged on Monday to check their user traffic patterns to locate and shut down machines infected with the mass-mailing Sober worm.
Although Sober is no longer trying to replicate, antivirus company F-Secure believes ISPs must warn infected customers so they can disinfect themselves.
Infected PCs were programmed to download new instructions from the Internet last week, which would have heralded another attack. This update did not actually appear online, but infected machines are still trying to download it.
more here
http://news.zdnet.com/2100-1009_22-6024727.html?tag=zdnn.alert
Discussion is locked
4 Posts
- Collapse
- Collapse -
- Collapse -
Lennart Wistrand here. I wanted to write a few lines about the public post made over the weekend about a new specially crafted WMF image that could potentially cause the application using the Windows Graphics Rendering Engine to crash. As it turns out, these crashes are not exploitable but are instead Windows performance issues that could cause some WMF applications to unexpectedly exit. These issues do not allow an attacker to run code or crash the operating system. They may cause the WMF application to crash, in which case the user may restart the application and resume activity. We had previously identified these issues as part of our ongoing code maintenance and are evaluating them for inclusion in the next service pack for the affected products.
More: http://blogs.technet.com/msrc/archive/2006/01/09/417198.aspx
- Collapse -
By Joris Evers, CNET News.com
Published on ZDNet News: January 9, 2006, 12:48 PM PT
Microsoft plans to scour its code to look for flaws similar to a recent serious Windows bug and to update its development practices to prevent similar problems in future products.
The critical flaw, in the way Windows Meta File images are handled, is different than any security vulnerability the software maker has dealt with in the past, Kevin Kean and Debby Fry Wilson, directors in Microsoft's Security Response Center, said in an interview with CNET News.com. Typical flaws are unforeseen gaps in programs that hackers can take advantage of and run code. By contrast, the WMF problem lies in a software feature being used in an unintended way.
more here
http://news.zdnet.com/2100-1009_22-6024778.html?tag=zdnn.alert
- Collapse -
By Will Sturgeon, Silicon.com
Published on ZDNet News: January 9, 2006, 1:52 PM PT
British-based Barclays Bank is urging customers of its online service to download security software, which is provided as part of a tie-up with Finnish antivirus vendor F-Secure. The tools available to download on the online banking site include anti-spyware protection and rootkit detection as well as a traditional antivirus product.
more here
http://news.zdnet.com/2110-1009_22-6024825.html?tag=zdnn.alert
CNET Forums
Operating Systems
Software
Electronics & Gadgets
Hardware
Tablets & Mobile Devices
General Help
Roadshow Autos
Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic