WINE Still Vulnerable to WMF Exploit
blast3r wrote to mention a ZDNet Blog posting by George Ou, stating that WINE is still vulnerable to the WMF flaw. From the article: "All applications launched inside Wine, Cedega, or Cross-Over Office are technically still exploitable. Wine runs on most x86 platforms, including Linux and the various BSDs. The surprising part about finding this flaw in Wine is that they implemented the entire Meta File API without realizing that this could be a security issue. Exploiting a Windows application running inside Wine depends on that application calling the vulnerable function with malicious data."
We can say now that Linux is truly ready for desktop because it catched up to Windows in these important features aswell!
It takes a man to suffer ignorance and smile
Be yourself no matter what they say
...that wine provided so much of the normal windows user experience. I must start recommending it to my friends
http://michaelsmith.id.au
This shows how great Wine is. It even emulates exploits and being late with the patches! Hurray for Wine!
Until I can get my Linux box rootkitted by Sony DRM.
On a serious note, I wonder what this means for emulation projects. If you recognize an exploit in the original environment (as possibly someone did when writing a WMF parser for WINE), do you implement the exploit in your emulator or do you introduce a potential incompatibility?
WINE IS NOT AN EMULATOR!
All applications launched inside Wine, Cedega, or Cross-Over Office are technically still exploitable
That's 3 Unix/Linux vulnerabilities to 1 for Windows. Windows is more secure.
For WINE users, here's a patch.
Wow, I could never imagine this time would come, after all those here's a patch jokes!
Beware: In C++, your friends can see your privates!