funsec mailing list archives
RE: WMF Vulnerable Systems
From: "Larry Seltzer" <larry () larryseltzer com>
Date: Mon, 2 Jan 2006 22:00:44 -0500
PS - I also tested the out-of-the-box IE (version 5.0) and it wouldn't load the images from a test page. And there is no shimgvw.dll (or shim*.dll) on the system.

Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blog.ziffdavis.com/seltzer
Contributing Editor, PC Magazine
larryseltzer () ziffdavis com

-----Original Message-----
From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Larry Seltzer
Sent: Monday, January 02, 2006 9:48 PM
To: funsec () linuxbox org
Subject: [funsec] WMF Vulnerable Systems

This is a little surprising. I had been taking at face value reports from Microsoft and others that all Windows versions were vulnerable to this flaw, but I only just now tested a system other than Windows XP.

I just created a fresh Windows 98SE system, no updates. Of course it doesn't have Picture and Fax Viewer, but I opened a known-malicious WMF file with Paint and got this message:

    C:\BAD.WMF
    Paint cannot read this file.
    This is not a valid bitmap file, or its format is not currently supported.

Now this could just mean that Paint in this version of Windows cannot read WMF files, but that the GDI32 flaw is still there. Perhaps, for example, Lotus Notes on this OS would be vulnerable. Still, I'd have to conclude that this platform is significantly less vulnerable than XP.

My next step is to run Windows Update (probably a dozen times) to get 98 as up to date as it can be and retest.

Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blog.ziffdavis.com/seltzer
Contributing Editor, PC Magazine
larryseltzer () ziffdavis com

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.