Re: Interview: Ilfak Guilfanov

[Matthew Murphy <mattmurphy () kc rr com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

rms () computerbytesman com wrote:
> Good interview, but I'm still left wondering why Internet Explorer won't
> execute malicuous code when it directly displays a booby-trapped .WMF file
> as opposed to the Windows picture/FAX viewer which will execute the
> malicous code.  Since both programs presumably use gdi32.dll to display a
> .WMF file, why is there be a difference in behavour?
>
> Richard

HDM's tutorial would appear to explain this.  IE is only capable of
displaying WMFs with certain optional headers preceding their content.
These same optional headers take the WMF *out of the context* where
escapes can be used.  This disables, among other things (and there's a
basketful of "other things") SETABORT.  At least, that's how I
understand it.

- --
"Social Darwinism: Try to make something idiot-proof,
nature will provide you with a better idiot."

                                -- Michael Holstein
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)

iD8DBQFDvd2Vfp4vUrVETTgRA4FAAJ9ctVsSxzW0T28xWMX63MLf4MIsngCeIpWP
MdvxAGJjNThjP9NEzYBh9jg=
=Y9S9
-----END PGP SIGNATURE-----

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.