Russinovich: Inside the WMF 'Backdoor'

["Fergie" <fergdawg () netzero net>]

Mark writes over on the SysInternals blog:

[snip]

Steve Gibson (of SpinRite fame) proposed a theory in his weekly Thursday-night podcast last week that if true, would be 
the biggest scandal to ever hit Microsoft - that the Windows Metafile (WMF) vulnerability that drew so much media 
attention last month is actually a backdoor programmed intentionally by Microsoft for unknown reasons. Slashdot picked 
up the story the next day and I received a flood of emails asking me to look into it. I finished my analysis, which 
Steve aided by sending me the source code to his WMF-vulnerability tester program (KnockKnock), over the weekend.

In my opinion the backdoor is one caused by a security flaw and not one made for subterfuge. I sent my findings to both 
Steve and to Microsoft Monday morning, but because the issue continues to draw media attention I’ve decided to publicly 
document my investigation.

[snip]

Much more here:
http://www.sysinternals.com/blog/2006/01/inside-wmf-backdoor.html

- ferg


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.