Microsoft Responds to WMF Vulnerability

beuges writes "In an entry on the Microsoft Security Response Center Blog, Stephen Toulouse explains exactly how the WMF flaw could be triggered. BetaNews has an overview of the company's response." From the BetaNews article: "This code exists on every version of Windows since version 3.0, security firms have said. When this functionality was introduced, Toulouse said the security landscape differed from what it is now and metafile records were completely trusted by the operating system. Gibson claimed that the flaw could be exploited only by using a byte size of 1 in the metafile record, which Toulouse says is incorrect. He surmised that Gibson's tests had the offending function as the last entry in the metafile, which caused only incorrect sizes to trigger the flaw." We've previous reported on the backdoor claim.

It's a backdoor asshat

[ThoreauHD]

Next you'll propose a weather balloon or flock of seagulls that leaves this remote accesss intact for 15 years.

Computer Entomology

[Device666]

Entomologists are people who like to collect en conservate bugs. If you check out the lemma "entomology" at wikipedia you will read:"Entomology is the scientific study of insects. Insects have many kinds of interactions with humans and other forms of life on earth, so it is an important specialty within biology; unlike many other fields however, entomologists include both persons studying insects for their own sake, and those employed by commercial concerns interested in the control of insects."

Who would not conservate the very famous Pentatomidae Metadatadactylo? I think Microsoft is just being very friendly to insects.

Re:Pentatomidae Metadatadactylo

[Device666]

yeah but I made a mistake. It was a loose quasi offtopic reaction, not a real reply ;-)