Welcome Guest [Log In] [Register]
Welcome to EmachineUpgraders. We hope you enjoy your visit.


You're currently viewing our forum as a guest. This means you are limited to certain areas of the board and there are some features you can't use. If you join our community, you'll be able to access member-only sections, and use many member-only features such as customizing your profile, sending personal messages, and voting in polls. Registration is simple, fast, and completely free.


Join our community!


If you're already a member please log in to your account to access all of our features:

Username:   Password:
Add Reply
What will you do about the WMF Vulnerablility?
Apply the various patches until the official ones. 3 (33.3%)
I'm a Windows 98 or ME user. I'll upgrade to 2000/XP 0 (0%)
I'm a Linux/Mac OS User. MS Sucks! 3 (33.3%)
Who cares anyway! 1 (11.1%)
There is a WMF vulnerability? 2 (22.2%)
Total Votes: 9
WMF vulnerability; For ALL Windows 95/98/ME/2000/XP/2003
Topic Started: Jan 2 2006, 05:41 PM (734 Views)
cmcarthy
No Avatar
CREW MEMBER
[ *  *  * ]
"The 2005 WMF vulnerability is a vulnerability in Microsoft Windows which was first disclosed on Bugtraq on 27 December 2005 [1], and subsequently used in a variety of exploits. The vulnerability, located in gdi32.dll, arises from the way in which Windows operating systems handle Windows Metafile (WMF) vector images, and permits arbitrary code to be executed on infected computers without the permission of their users. Windows versions from Windows 98 to Windows Server 2003 R2 are known to be vulnerable to the exploit, while versions as old as Windows 3.0 are probably also vulnerable. Exploits of this vulnerability are thus among the very few examples of genuine drive-by download." (from en.wikipedia.org)

This is NOT browser specific. Therefore, users of Opera or Firefox could just be as vulnerable as IE users. Sadly, according to website #1 below, Windows 98, ME or earlier Windows operating systems may NEVER receive a patch. So, this may be the reason people will want to upgrade. Linux, Mac OS-X, and Unix OS are not affected. A video can be see at http://www.websensesecuritylabs.com/images...s/wmf-movie.wmv

Solutions are listed below and include un-registering the faulty dll, applying a temporary patch, using DEP protecting in XP SP2 (AMD & Intel NX/XD feature may help) and using up-to-date antivirus software.

For more information please see the following websites:

#1 - http://isc.sans.org/diary.php?storyid=994

#2 - http://en.wikipedia.org/wiki/2005_WMF_vulnerability

#3 - http://us.mcafee.com/virusInfo/default.asp...&virus_k=137760

#4 - http://www.microsoft.com/technet/security/...ory/912840.mspx

#5 - http://www.kb.cert.org/vuls/id/181038
Offline Profile Quote Post Goto Top
 
bwTN
No Avatar
JUNIOR MEMBER
[ *  * ]
I'm gonna keep java, activeX turned off, and keep admin accounts off the net, maybe thinking seriously about switching to Linux.
T2682, upgraded to P4 2.4
added WD 40g HD
doubled RAM to 512K
XP Service Pack 2/IE7
Upgraded to 350Watt PSU
Offline Profile Quote Post Goto Top
 
cmcarthy
No Avatar
CREW MEMBER
[ *  *  * ]
Quote:
 
I'm gonna keep java, activeX turned off, and keep admin accounts off the net, maybe thinking seriously about switching to Linux.


Well don't let this me the deciding factor...Microsoft will have a patch available on Jan 10, 2006. To my surprise, a security expert (at http://www.grc.com/SecurityNow.htm show #9) said that Linux and other open source OSes are more hackable because they are fully known! :(

Anyways, as for the patch, see the note below: :D

"Microsoft has completed development of the security update for the vulnerability. The security update is now being localized and tested to ensure quality and application compatibility. Microsoft’s goal is to release the update on Tuesday, January 10, 2006, as part of its monthly release of security bulletins. This release is predicated on successful completion of quality testing.

The update will be released worldwide simultaneously in 23 languages for all affected versions of Windows once it passes a series of rigorous testing procedures. It will be available on Microsoft’s Download Center, as well as through Microsoft Update and Windows Update. Customers who use Windows’ Automatic Updates feature will be delivered the fix automatically."


Since it says all affected versions of Windows we can assume that Windows 95 , 98 and ME will be patched as well.

More information at http://www.microsoft.com/technet/security/...ory/912840.mspx
Offline Profile Quote Post Goto Top
 
olderthandirt1157
Unregistered

Got to love MS for their prompt action in patch one of the more critical flaws found in a while. Here's something to help make your surfing a little safer.
VMplayer is away to browse without touching your OS.

===== Quote=====
VMware Player
Start experiencing the benefits of virtual machines.

1. Download VMware Player.
2. Try the pre-built Browser Appliance virtual machine, configured for secure internet browsing.

====end quote====
Quote Post Goto Top
 
turk101
No Avatar
JUNIOR MEMBER
[ *  * ]
Last 2 days...been warning friends and family about this and helping them patch systems....All my computers at home...(5) dual boot linux and windows....windows is dead to the internet...only way to internet is through linux...I use PCLINUXOS .92 or Mepis 3.3.1 right now....No virus or spyware for 1 year....takes some work and research....but worth it for no grief.... :D
Offline Profile Quote Post Goto Top
 
olderthandirt1157
Unregistered

In case you haven't applied a ppatch while waiting for MS to issue theirs you can download Ilfak's WMFFix at GRC. http://www.grc.com/sn/notes-020.htm

Apparently MS may have their patch ready sooner than next weeks update cycle.
Quote Post Goto Top
 
cmcarthy
No Avatar
CREW MEMBER
[ *  *  * ]
Quote:
 
Apparently MS may have their patch ready sooner than next weeks update cycle.


You're absolutely right! MS released the patch today (Jan 5, 2006) at 2:00 pm PST. The Windows XP (SP1/SP2) can be found here:

http://www.microsoft.com/downloads/details...9B-215B7BB4D8E9

The websites for the other affected platforms (Windows 98/98SE & ME are not on the list) can be found at

http://www.microsoft.com/technet/security/...n/ms06-001.mspx

Of course, you can allow Windows Update (or Microsoft Update) to pick it up for you as well. ;)
Offline Profile Quote Post Goto Top
 
1 user reading this topic (1 Guest and 0 Anonymous)
« Previous Topic · IMPORTANT ANNOUNCEMENTS · Next Topic »
Add Reply