KyeU
join:2003-12-31
Canada
1 edit | reply to jp10558
Re: Windows MetaFiles still vulnerable It would catch most .WMF files I would think. The Web Page Filter kills most standard images with .WMF extension, and the Header Filter catches the connections to *.WMF, this is because heavily encrypted JS files are difficult to match, but their connection requests are out in the open 
I would think it is still safe to disable Windows Picture Viewer, or perhaps even associating the .WMF file extension to Notepad (or another file). |
|
 ChipPremium
join:2001-12-23
Connecticut
 ·Comcast Formerl..
| said by KyeU:I would think it is still safe to disable Windows Picture Viewer, or perhaps even associating the .WMF file extension to Notepad (or another file). Here's what I tried. I changed the association for WMF/EMF from the viewer to the Foxit pdf reader.I then went to crackz and got the warning box shown above. So far I haven't got the same symptoms that RedXII1234 got when he initially went to the site.
I'm going to take some time and go through the machine and see if I find anything suspicious.
--
The three great strategies for obscuring an issue are to introduce irrelevancies, to arouse prejudice, and to excite ridicule--Bergen Evans |
|
pier5
join:2002-03-27
34312 | bestserials had this wmf exploit but maxthon/IE opened a dialog asking if I wanted to view the WMF file with its associated viewer. I said "No" and the infection was prevented. |
|
