funsec mailing list archives
Ilfak's WMF patch v. Microsoft's solution
From: "Richard M. Smith" <rms () computerbytesman com>
Date: Sun, 1 Jan 2006 22:52:06 -0500
My gut says that the ill-advised ABORTPROC "feature" of .WMF files has no legit uses and therefore should be killed ASAP. OTOH, Microsoft's current alternative of turning off the Windows picture/FAX viewer is much worse. Microsoft fails to point out that turning off the viewer kills the ability to view digital photos which is a big deal for many Windows users. I'm really concerned that we will see the mother-of-email-worms in the next week or two before Microsoft releases a patch on Windows update. I suspect Microsoft's patch will look a lot like Ilfak's which will simply kill ABORTPROC. Richard -----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Larry Seltzer Sent: Sunday, January 01, 2006 5:09 PM To: 'FunSec [List]' Subject: RE: [funsec] Ilfak's WMF patch Bear in mind that this patch does explicitly break functionality and even Ilfak says that when a real patch is available you should uninstall his. The real question here is whether there is any legitimate use, let alone significant legitimate use, of the broken functionality out in the real world. The people who are "testing" and endorsing this patch aren't exactly running large test suites of real software through it. For all we know there are important graphics programs that are broken by it, and I think Ilfak is cautious on this point. I'm getting ready to write about this myself and I'm thinking of saying that in the interim I'm only really concerned with whether a) it's effective and b) the uninstall works properly. If (a&b) then it's probably a good idea at least to test the patch in order to see if it breaks your applications. By tomorrow morning if I see no reports of problems I'll be satisfied enough of b and every report so far tells me a is true, although I'd like to see more organized testing. Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blog.ziffdavis.com/seltzer Contributing Editor, PC Magazine larryseltzer () ziffdavis com _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: Ilfak's WMF patch, (continued)
- Re: Ilfak's WMF patch Matthew Murphy (Jan 01)
- Re: Ilfak's WMF patch Valdis . Kletnieks (Jan 01)
- Re: Ilfak's WMF patch Matthew Murphy (Jan 01)
- Re[2]: Ilfak's WMF patch Ilfak Guilfanov (Jan 01)
- Re: Ilfak's WMF patch Matthew Murphy (Jan 01)
- RE: Re[2]: Ilfak's WMF patch Larry Seltzer (Jan 02)
- Re[4]: Ilfak's WMF patch Ilfak Guilfanov (Jan 02)
- RE: Re[4]: Ilfak's WMF patch Richard M. Smith (Jan 02)
- Re[6]: Ilfak's WMF patch Ilfak Guilfanov (Jan 02)
- Re: Re[4]: Ilfak's WMF patch Valdis . Kletnieks (Jan 02)
- Ilfak's WMF patch v. Microsoft's solution Richard M. Smith (Jan 01)
- Re: Ilfak's WMF patch v. Microsoft's solution Matthew Murphy (Jan 01)
- RE: Ilfak's WMF patch v. Microsoft's solution Richard M. Smith (Jan 02)
- RE: Ilfak's WMF patch v. Microsoft's solution Hank Nussbacher (Jan 02)
- RE: Ilfak's WMF patch v. Microsoft's solution Richard M. Smith (Jan 02)
- Re: Ilfak's WMF patch v. Microsoft's solution Alex Shipp (elist) (Jan 03)
- RE: Ilfak's WMF patch v. Microsoft's solution Larry Seltzer (Jan 02)
- RE: Ilfak's WMF patch v. Microsoft's solution Richard M. Smith (Jan 02)
- RE: Ilfak's WMF patch v. Microsoft's solution Larry Seltzer (Jan 02)
- Re: Ilfak's WMF patch v. Microsoft's solution Aviram Jenik (Jan 02)
- RE: Ilfak's WMF patch v. Microsoft's solution Richard M. Smith (Jan 02)