Slashdot Mirror


Windows XP Flaw 'Extremely Serious'

scottott wrote to mention a Washington Post article with the news that the security hole we mentioned on Wednesday has widened. Computers can now be infected just by visiting infected web sites, or looking at images in the preview panel of older versions of Outlook. From the article: "At first, the vulnerability was exploited by just a few dozen Web sites. Programming code embedded in these pages would install a program that warned victims their machines were infested with spyware, then prompted them to pay $40 to remove the supposed pests. Since then, however, hundreds of sites have begun using the flaw to install a broad range of malicious software. SANS has received several reports of attackers blasting out spam e-mails containing links that lead to malicious sites exploiting the new flaw, Ullrich said."

6 of 630 comments

  1. Sorry to say it got me by aka_big_wurm · Score: 5, Interesting

    I needed a bit of underground info (CD key) and went to the best site for that and without thinking I used IE -- couldn't have shut my browser down fast enough.

    Spent the next few hours removing all the junk that installed; I was lucky no rootkits were installed.

  2. Re:Solution by blowdart · Score: 3, Interesting

    Except Firefox 1.0 also opens the files automatically, by default, in the vulnerable application.

    In 1.5 the behaviour changed, and for some reason .WMF was associated in Firefox with Windows Media Player. So 1.5 is secure against this flaw, by lucky accident.

  3. Firefox? by freg · Score: 5, Interesting

    Could someone please elaborate on whether using the Firefox browser will help avoid this security hole?

  4. Re:MOD PARENT UP by PenguiN42 · Score: 3, Interesting

    Yes, seriously. That old knee-jerk meme of "IIS vs Apache disproves the myth of exploits due to install base" has to die. Yet someone invariably posts it, and they invariably get modded up. I just hope a few rational mods find your post quickly.

    Not to mention that the OP seems to have confused the issue of "exploits" with the issue of "user permissions" which is what was actually being talked about.

    --
    The following sentence is true. The preceding sentence was false.

  5. Re:Question by shis-ka-bob · Score: 3, Interesting

    If the image is in JPEG format, then no. If the file is a WMF file with a JPG extension, then I think the answer is Yes. Firefox 1.5 will ask you if you want to view the WMF file (at which point you had better say 'No'). With IE and Firefox 1.0, my understanding is that the WMF file (regardless of its extension) will be automatically viewed and this is enough to get your Windows PC infected.

    --
    Think global, act loco
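
A defender's check for the case raised in comment 5, a WMF file carrying a .jpg (or other) extension: classify files by their leading bytes and flag any whose content is WMF but whose name says otherwise. This is an added example, not part of the original thread; the function names and sample bytes are constructed, and the header test is a heuristic based on the standard and placeable WMF header layouts.

```python
import struct

# Aldus "placeable" WMF key 0x9AC6CDD7 as it appears on disk (little-endian).
PLACEABLE_KEY = b"\xd7\xcd\xc6\x9a"
PLACEABLE_LEN = 22    # placeable header size in bytes
META_HEADER_LEN = 18  # standard WMF header size in bytes (9 words)

def looks_like_wmf(data: bytes) -> bool:
    """True if data starts with a WMF header, with or without the placeable prefix."""
    if data[:4] == PLACEABLE_KEY:
        data = data[PLACEABLE_LEN:]
    if len(data) < META_HEADER_LEN:
        return False
    ftype, header_words, version = struct.unpack_from("<HHH", data)
    return ftype in (1, 2) and header_words == 9 and version in (0x0100, 0x0300)

def sniff(name: str, data: bytes) -> str:
    """Classify by content first, then compare with the extension in the name."""
    ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
    if looks_like_wmf(data):
        return "wmf" if ext == "wmf" else "wmf-disguised"
    if data[:3] == b"\xff\xd8\xff":  # JPEG start-of-image marker
        return "jpeg" if ext in ("jpg", "jpeg") else "jpeg-mislabelled"
    return "unknown"

def disguised(files):
    """Names of files whose bytes are WMF but whose extension says otherwise."""
    return [name for name, data in files if sniff(name, data) == "wmf-disguised"]

# Constructed sample data: a minimal, harmless WMF (header + end-of-file record).
WMF_BODY = struct.pack("<HHHIHIH", 1, 9, 0x0300, 12, 0, 3, 0) + struct.pack("<IH", 3, 0)
PLACEABLE = PLACEABLE_KEY + bytes(PLACEABLE_LEN - 4)  # zeroed bounds/checksum
SAMPLES = [
    ("chart.wmf", PLACEABLE + WMF_BODY),
    ("holiday.jpg", WMF_BODY),
    ("banner.gif", PLACEABLE + WMF_BODY),
    ("photo.jpg", b"\xff\xd8\xff\xe0" + bytes(16)),
]

if __name__ == "__main__":
    for name, data in SAMPLES:
        print(f"{name:12} -> {sniff(name, data)}")
    print("quarantine:", disguised(SAMPLES))
```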

  6. What I'd like to know ... by cpu_fusion · Score: 3, Interesting

    What I'd like to know is -- how long has this exploit been "in the wild?"

    If it has been there since WMFs began, that's a long, long time. We're talking Windows '95 or earlier. It all depends when the GDI callbacks feature was added.

    So here's what you need to consider: since this exploitable code first "shipped" with Windows, anyone "in the know", e.g. potentially FOLKS AT MICROSOFT, the NSA, your neighbor, whomever ... they could have EASILY breached your Windows box, done whatever the hell they wanted, erased all their tracks ... and you'd have to convince a judge and jury it wasn't you.

    If I build and sell a car that is advertised as having a security system, but that security system is defeatable by running a magnet over the car lock, and that information is "out in the wild" for years and years, maybe even by folks in my company... what is the legal liability?

    The only three external things that will adjust Microsoft's behavior regarding security are: (1) customers switching to other products, (2) criminal justice investigations, and (3) lawsuits. I don't see #1 happening so long as customers remain locked in, #2 is a joke as we know, but #3 ... ?