funsec mailing list archives

Re: Ilfak's WMF patch


From: Matthew Murphy <mattmurphy () kc rr com>
Date: Sun, 01 Jan 2006 18:50:30 -0600

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

<-- static int hat.tinfoil++; >

LOL.  I'll take that as an advisory note. :-)

You're assuming it wasn't spotted.  More likely, it was spotted and well-known
by people inside Microsoft, and existed specifically so that some Microsoft
product didn't have to go through the effort of implementing their own
callbacks in a security-sane way.

I'll make the prediction that the Microsoft fix will include something
of the form:

      if (current->program != "M$-Hosed") then close_hole();

Indeed, that appears to have been the original purpose when WMF was
invented years (more than a decade, probably closer to two decades now?)
ago for Windows 3.0.  Microsoft's level of clue about security then was
(obviously) quite a bit less than now.

WMF is a 16-bit direct access layer to the GDI.  It was essentially
designed so that most of what could be done with GDI objects in C could
be done in some way via WMF.  WMF has been tightened down in quite a few
respects since then (primarily due to uncovered vulnerabilities), and
EMF (aka "Enhanced Metafile", WMF's 32-bit counterpart) is quite a bit
tighter.

WMF has been yanked from 64-bit Windows entirely (Windows XP x64
Edition, Windows Server 2003 for Itanium and Windows Server 2003 x64
Edition don't support it) and I've heard talk of the format getting the
deep six even for 32-bit releases of Windows Vista.

Most have realized the obsolescence of WMF, and most Windows apps these
days have at least moved to the newer (more secure) EMF.  In any case,
most compatibility problems with the axing of WMF can be solved by
simply migrating existing images to a supported format (EMF being the
prime candidate, of course).

There are exceptions, but not too many of them.  Visual Studio, for
instance, appears to still distribute attached clipart as both WMFs and
EMFs for compatibility with 16-bit boxes still in production.  I've
recently been told that 16-bit OSes are still in places besides caves.

- --
"Social Darwinism: Try to make something idiot-proof,
nature will provide you with a better idiot."

                                -- Michael Holstein



_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
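The "direct access layer to the GDI" described in the message above is literal: a WMF is an 18-byte META_HEADER (optionally preceded by a 22-byte placeable header) followed by records, each carrying a 32-bit size in 16-bit words, a function number that selects a GDI call, and that call's arguments as 16-bit words. The walker below is an added example, not code from the post, from Ilfak's patch or from Microsoft. It parses a metafile constructed in code, maps each record to the Win32 GDI function it plays back through (record and escape constants are the ones in MS-WMF and wingdi.h), refuses any record whose declared size does not fit inside the buffer, and lists META_ESCAPE records, which carry an escape sub-function number plus opaque bytes handed to GDI's Escape() path. The sample drawing and the helper names are assumptions for illustration only.

```python
"""Walk a Windows Metafile record by record and show the GDI call each encodes.
Added example; the sample file is constructed in code, not a real document."""
from __future__ import annotations
import struct
from dataclasses import dataclass

PLACEABLE_KEY = 0x9AC6CDD7  # magic of the optional 22-byte Aldus placeable header

# Record function numbers from MS-WMF.  The high byte is the number of 16-bit
# parameter words the record normally carries; the low byte tells records
# with the same parameter count apart.
WMF_FUNCTIONS = {
    0x0000: "META_EOF", 0x020B: "META_SETWINDOWORG", 0x020C: "META_SETWINDOWEXT",
    0x0213: "META_LINETO", 0x0214: "META_MOVETO", 0x041B: "META_RECTANGLE",
    0x0626: "META_ESCAPE",
}
# GDI Escape() sub-function numbers (wingdi.h constants).  An Escape record
# hands its remaining bytes to whatever handles that number on the GDI side.
ESCAPE_NAMES = {0x0001: "NEWFRAME", 0x0002: "ABORTDOC", 0x0008: "QUERYESCSUPPORT",
                0x0009: "SETABORTPROC", 0x000A: "STARTDOC", 0x000B: "ENDDOC"}


@dataclass
class WmfRecord:
    offset: int    # byte offset of the record in the file
    func: int      # RecordFunction
    params: bytes  # everything after the 6-byte record header

    @property
    def name(self) -> str:
        return WMF_FUNCTIONS.get(self.func, f"META_UNKNOWN_{self.func:04X}")


def parse_wmf(data: bytes) -> list[WmfRecord]:
    """Walk the records, rejecting any whose declared size does not fit in the
    buffer: a reader that trusts RecordSize is reading attacker-chosen lengths."""
    off = 0
    if len(data) >= 22 and struct.unpack_from("<I", data, 0)[0] == PLACEABLE_KEY:
        off = 22  # skip the placeable header (its checksum is not verified here)
    if len(data) - off < 18:
        raise ValueError("truncated META_HEADER")
    ftype, hdr_words, _ver, _size, _nobj, _maxrec, _ = struct.unpack_from("<HHHIHIH", data, off)
    if ftype not in (1, 2) or hdr_words != 9:
        raise ValueError(f"bad META_HEADER: type={ftype} headersize={hdr_words}")
    off += 18
    records: list[WmfRecord] = []
    while True:
        if len(data) - off < 6:
            raise ValueError(f"truncated record header at offset {off}")
        size_words, func = struct.unpack_from("<IH", data, off)
        nbytes = size_words * 2
        if nbytes < 6 or off + nbytes > len(data):  # must cover its own header and fit
            raise ValueError(f"record at {off} declares {nbytes} bytes, {len(data) - off} left")
        records.append(WmfRecord(off, func, data[off + 6:off + nbytes]))
        off += nbytes
        if func == 0x0000:  # META_EOF terminates the stream
            return records


def _words(p: bytes, n: int) -> tuple[int, ...]:
    return struct.unpack("<" + "h" * n, p[:2 * n])


def to_gdi_calls(records: list[WmfRecord]) -> list[str]:
    """Render each record as the GDI call it stands for.  WMF stores the
    parameters in the reverse of the C argument order, e.g. y before x."""
    calls = []
    for r in records:
        if r.func in (0x020B, 0x020C, 0x0213, 0x0214):
            y, x = _words(r.params, 2)
            fn = {0x020B: "SetWindowOrgEx", 0x020C: "SetWindowExtEx",
                  0x0213: "LineTo", 0x0214: "MoveToEx"}[r.func]
            calls.append(f"{fn}({x}, {y})")
        elif r.func == 0x041B:
            bottom, right, top, left = _words(r.params, 4)
            calls.append(f"Rectangle({left}, {top}, {right}, {bottom})")
        elif r.func == 0x0626 and len(r.params) >= 4:
            esc, count = struct.unpack_from("<HH", r.params)
            calls.append(f"Escape({ESCAPE_NAMES.get(esc, 'ESCAPE_%04X' % esc)}, {count} bytes)")
        else:
            calls.append(r.name)
    return calls


def escape_records(records: list[WmfRecord]) -> list[tuple]:
    """(offset, escape name, declared byte count, payload really present?)"""
    out = []
    for r in records:
        if r.func == 0x0626 and len(r.params) >= 4:
            esc, count = struct.unpack_from("<HH", r.params)
            out.append((r.offset, ESCAPE_NAMES.get(esc, "ESCAPE_%04X" % esc),
                        count, count <= len(r.params) - 4))
    return out


def _rec(func: int, params: bytes) -> bytes:
    params += b"\0" * (len(params) % 2)  # records are word-sized
    return struct.pack("<IH", (6 + len(params)) // 2, func) + params


def build_sample_wmf() -> bytes:
    """Constructed sample: a 200x100 drawing with one line, one rectangle and a
    harmless QUERYESCSUPPORT escape (assumed content, not a real file)."""
    recs = [
        _rec(0x020B, struct.pack("<hh", 0, 0)),                # SETWINDOWORG  y, x
        _rec(0x020C, struct.pack("<hh", 100, 200)),            # SETWINDOWEXT  y, x
        _rec(0x0214, struct.pack("<hh", 10, 20)),              # MOVETO        y, x
        _rec(0x0213, struct.pack("<hh", 50, 60)),              # LINETO        y, x
        _rec(0x041B, struct.pack("<hhhh", 90, 180, 30, 40)),   # RECTANGLE bottom, right, top, left
        _rec(0x0626, struct.pack("<HHH", 0x0008, 2, 0x0001)),  # ESCAPE QUERYESCSUPPORT, 2-byte payload
        _rec(0x0000, b""),                                     # EOF
    ]
    body = b"".join(recs)
    header = struct.pack("<HHHIHIH", 1, 9, 0x0300, (18 + len(body)) // 2, 0,
                         max(len(r) // 2 for r in recs), 0)
    return header + body


def corrupt_record_size(data: bytes, offset: int, size_words: int) -> bytes:
    """Overwrite one record's RecordSize field, as a malformed file would."""
    buf = bytearray(data)
    struct.pack_into("<I", buf, offset, size_words)
    return bytes(buf)


if __name__ == "__main__":
    recs = parse_wmf(build_sample_wmf())
    for call in to_gdi_calls(recs):
        print(call)
    print("escape records:", escape_records(recs))
```

Running it prints the six GDI calls plus META_EOF and one escape entry. Truncating the sample or setting a record's size field to 0x7FFFFFFF with corrupt_record_size makes parse_wmf raise instead of reading past the buffer, which is the check a playback routine must do before acting on any record's parameters.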
