Slashdot Mirror
Exploit Released for Unpatched Windows Flaw
woodchuck writes "Washington Post reports that another Windows hole has been found and exploit code is now running lose that makes swiss cheese of current patches and security measures.
From the article: "Security researchers have released instructions for exploiting a previously unknown security hole in Windows XP and Windows 2003 Web Server with all of the latest patches applied. Anti-virus company Symantec warned of the new exploit, which it said uses a vulnerability in the way Windows computers process certain image files (Windows Meta Files, or those ending in .wmf). Symantec said the exploit is designed to download and run a program from the Web that downloads several malicious files, including tools that attackers could use to control vulnerable computers via IRC.""
From what I read about this earlier (sorry, don't have the link), this exploit was already in the wild and was being used before any of the security companies learned of it. So no, the AV companies did not "let this one loose".
Be a real patriot: Question authority. Think for yourself. Formulate your own conclusions.
No, it's a buffer overload in Windows Picture and Fax Viewer.
It's a Windows only format, or at least seems to be. I don't find any references of ports to other platforms. It's an old format for doing vector graphics in Windows 3.1.
Can someone explain to me exactly how an image viewer
program running on my client computer can be
made to execute code? Honestly, I don't really understand
these exploits that supposedly take advantage of
a client buffer overflow (or some such thing) to execute
code on my local machine. What makes the instruction pointer in
the code that is reading (in this case) the wmf file suddenly
jump to code that is in the data segment? (Presumably embedded in
the wmf file itself).
http://www.dslreports.com/speak/print/default;1512 1004
There's an excerpt of our chat in that post too.
[Fuck Beta]
o0t!
Oh and those wonderfull windows exploits, works, spyware, wild tangent, trojan horses, worms and blue screens. And then, linux. What I never thought I could afford happened. I had a unix at home. It looked just like the real thing. Root easily accesible from your user account to make it workable to split your accounts. Didn't you hate it when in windows if you wanted to install any software no matter how trivial you had to logout and login as admin to do it and the only way to get some work done was to always get admin privileges on every machine?
Nowadays when someone gives me the root password on a unix like machine I always demand a pay raise. It probably means they expect me to fix it in the weekend.
Thank you MS for making me stick with linux. The energy bill had me y contemplating scrapping my dual P3 linux desktop and only keep my P4 gaming rig. Windows 2003 is actually pretty stable, now all they got to do is clear the goddamn fucking security holes.
Geez, just a few articles ago people were actually talking about how MS was changing and bam we get the mother of all exploits. The only thing worse would be a worm. This is so easily exploitable. Just make an account on forum that allows those awfull avatar images and bam.
I can't believe the slashdot reader reaction either, first bunch of posts are some insane ramblings about hackers/crackers and the rest have some insane fix that even the most moronic idiot can see is a total failure.
Yes fucktards who suggest that whole unregister crap, because of the way MS has setup its OS many a windows program comes with its own copy of the dll it uses EVEN if it is a copy of a Windows OS dll. To avoid versioning problems it is easier to include it then hope the user OS has the right version.
Do a dupe check your dll's in the main windows directories and where you install your programs some times. What do you think the chances are they will all be patched? It is a well known problem and in fact one of the reasons the whole dynamic linking idea was so attractive.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.