funsec mailing list archives
Re: Interview: Ilfak Guilfanov
From: rms () computerbytesman com
Date: Thu, 5 Jan 2006 21:24:23 -0500 (EST)
Good interview, but I'm still left wondering why Internet Explorer won't execute malicuous code when it directly displays a booby-trapped .WMF file as opposed to the Windows picture/FAX viewer which will execute the malicous code. Since both programs presumably use gdi32.dll to display a .WMF file, why is there be a difference in behavour? Richard
-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 With all the misinformation and theorizing going around, I figured the community might be interested in some... you know, accurate information. It's really refreshing, sometimes. So, SecuriTeam blogs has posted an interview with Ilfak Guilfanov (author of the interim fix for the WMF vulnerability) about all things WMF. We covered in detail, three main topics: * The nature of the vulnerability * The details of Ilfak's interim fix * The other workarounds that are available The URL for that blog post is: http://blogs.securiteam.com/index.php/archives/176 A big thanks is in order to Ilfak for taking the time to do the interview. - -- "Social Darwinism: Try to make something idiot-proof, nature will provide you with a better idiot." -- Michael Holstein -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) iD8DBQFDvDddfp4vUrVETTgRA5B0AKDPA0eIs7k7q7r6pJ3n8WiB4s9v7wCfYAea uy8rtwdPy0ZWYbV/i/Yke+Q= =T46q -----END PGP SIGNATURE----- _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Interview: Ilfak Guilfanov Matthew Murphy (Jan 04)
- Re: Interview: Ilfak Guilfanov rms (Jan 05)
- Re: Interview: Ilfak Guilfanov Matthew Murphy (Jan 05)
- Re: Interview: Ilfak Guilfanov rms (Jan 06)
- Re: Interview: Ilfak Guilfanov Matthew Murphy (Jan 05)
- <Possible follow-ups>
- RE: Interview: Ilfak Guilfanov Todd Towles (Jan 06)
- RE: Interview: Ilfak Guilfanov rms (Jan 06)
- Re: Interview: Ilfak Guilfanov rms (Jan 05)