funsec mailing list archives

RE: WMF Vulnerable Systems


From: "Larry Seltzer" <larry () larryseltzer com>
Date: Mon, 2 Jan 2006 22:00:44 -0500

PS - I also tested the out-of-the-box IE (version 5.0) and it wouldn't load
the images from a test page. And there is no shimgvw.dll (or shim*.dll) on
the system.

Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blog.ziffdavis.com/seltzer
Contributing Editor, PC Magazine
larryseltzer () ziffdavis com 

-----Original Message-----
From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On
Behalf Of Larry Seltzer
Sent: Monday, January 02, 2006 9:48 PM
To: funsec () linuxbox org
Subject: [funsec] WMF Vulnerable Systems

This is a little surprising. I had been taking at face value reports from
Microsoft and others that all Windows versions were vulnerable to this flaw,
but I only just now tested a system other than Windows XP.

I just created a fresh Windows 98SE system, no updates. Of course it doesn't
have Picture and Fax Viewer, but I opened a known-malicious WMF file with
Paint and got this message:

        C:\BAD.WMF
        Paint cannot read this file.
        This is not a valid bitmap file, or its format is not currently supported.

Now this could just mean that Paint in this version of Windows cannot read
WMF files, but that the GDI32 flaw is still there. Perhaps, for example,
Lotus Notes on this OS would be vulnerable. Still, I'd have to conclude that
this platform is significantly less vulnerable than XP.

My next step is to run Windows Update (probably a dozen times) to get 98 as
up to date as it can be and retest.

Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blog.ziffdavis.com/seltzer
Contributing Editor, PC Magazine
larryseltzer () ziffdavis com 


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
