Re: Russinovich: Inside the WMF 'Backdoor'

[Andre Ludwig <andre.ludwig () gmail com>]

All that means is that sysinternals is a workin for da man!11!!1!!1!

VIVA LA TINFOIL REVOLUCION!!!


Dre


On 1/19/06, Fergie <fergdawg () netzero net> wrote:
> Mark writes over on the SysInternals blog:
>
> [snip]
>
> Steve Gibson (of SpinRite fame) proposed a theory in his weekly Thursday-night podcast last week that if true, would 
> be the biggest scandal to ever hit Microsoft - that the Windows Metafile (WMF) vulnerability that drew so much media 
> attention last month is actually a backdoor programmed intentionally by Microsoft for unknown reasons. Slashdot 
> picked up the story the next day and I received a flood of emails asking me to look into it. I finished my analysis, 
> which Steve aided by sending me the source code to his WMF-vulnerability tester program (KnockKnock), over the 
> weekend.
>
> In my opinion the backdoor is one caused by a security flaw and not one made for subterfuge. I sent my findings to 
> both Steve and to Microsoft Monday morning, but because the issue continues to draw media attention I've decided to 
> publicly document my investigation.
>
> [snip]
>
> Much more here:
> http://www.sysinternals.com/blog/2006/01/inside-wmf-backdoor.html
>
> - ferg
>
>
> --
> "Fergie", a.k.a. Paul Ferguson
>  Engineering Architecture for the Internet
>  fergdawg () netzero net or fergdawg () sbcglobal net
>  ferg's tech blog: http://fergdawg.blogspot.com/
>
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.