Full Disclosure mailing list archives
RE: Static Blocking for the WMF Exploit - over 50known variants
From: "Discussion Lists" <discussions () lagraphico com>
Date: Thu, 29 Dec 2005 08:50:10 -0800
Sorry if this was asked before, but how do I know if my machine has been compromised? I am working on a way to contain any damage caused by this exploit, and it would be helpful to know for sure that what I am doing is working or not working. Thanks! -----Original Message----- From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Todd Towles Sent: Thursday, December 29, 2005 7:16 AM To: full-disclosure () lists grok org uk Subject: [Full-disclosure] Static Blocking for the WMF Exploit - over 50known variants Sunbelt has released several sites that are being used to spread bad WMF files http://sunbeltblog.blogspot.com/2005/12/more-than-50-wmf-variants-in-wild.html <http://sunbeltblog.blogspot.com/2005/12/more-than-50-wmf-variants-in-wild.html > I have added this sites into my static blocking, but this isn't a great method..but it can only help at this point. Wanted to share this information. -Todd
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- RE: Static Blocking for the WMF Exploit - over 50known variants Discussion Lists (Dec 29)