Re: Windows MetaFiles still vulnerable - dslreports.com

			Search:
	login · register

	All Forums		Hot Topics		Gallery

how-to block ads

Forums » Up and Running » Security » Security » Windows MetaFiles still vulnerable


Search Topic:	Share Topic:	RSS topic:	toggle: flat / full normal / watch	Posting:

Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal

Outpost not blocking traffic on Windows shutdown »
« JaimeSmile Trojan

Author	All Replies
redxii too big to fail Premium,Mod join:2001-02-26 Texas Host: /dev/null Broadband Tweaks Suddenlink ISDN Fiber Optic 1 edit	reply to dp Re: Windows MetaFiles still vulnerable Kinda funny. I found it out on my own then while I was typing it up other people are in the know at the same time. I did not go to unionseek or heard of it until other people were posting WMF file code execution Except i'm wondering what the hell happened. They released a patch fixing metafile code execution, and two months later we have metafile code execution even with the said patch. Except this time it is actually in the wild. "The issue may be exploited remotely or by a local attacker. Any code execution that occurs will be with SYSTEM privileges due to the nature of the affected engine." Atleast in my testing, this does not appear to be the case. I think they are confusing the fact that most people run as admin, and once the code is executed it creates services that are run as SYSTEM. It for sure died in a restricted account.
	to forum · permalink · · 2005-12-28 06:19:04 · (locked)

Thread is

Topic: Follow · Sitemark · Mark Unread

Forums » Up and Running » Security » Security	Outpost not blocking traffic on Windows shutdown » « JaimeSmile Trojan


Saturday, 28-Nov 18:43:01	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com.republican-creole page compression OFF

Most commented news this week
· [122] Time Warner Cable Fires Broadside At Broadcasters
· [112] New AT&T Ad Campaign Hits Back At Verizon
· [96] Apple Joins AT&T Verizon Snark Fest
· [87] New Bill Takes Aim At Higher Verizon ETFs
· [80] TiVo Sees Record Customer Losses
· [70] Verizon CEO: Hulu Will Be Dead Soon
· [69] In-Flight Internet Headed For Bumpy Landing?
· [64] Weekend Open Thread
· [62] Thanksgiving Open Thread
· [40] EFF Wages War On Fine Print

Most people now reading
· 3.x Feral Druid - Bear Tanking Guide [World of Warcraft]
· Windows 7 boot manager editing questions [Microsoft Help]
· [Newsgroups] Newzleech down? [Filesharing Software]
· [How to] Install Asterisk on an Asus WL-520GU router [VOIP Tech Chat]
· Blue Ray: Samsung BD-P3600 or LG BD390 [Audio/Video Chat]
· [Future9] Future9 status [VOIP Tech Chat]
· ToC 4th boss - Preliminary Strategy for Twin Valkyr [World of Warcraft]
· [ Classes] Druid tanking: rotation and glyphs [World of Warcraft]
· Gizmo5 has added a Google Voice section in its members area. [VOIP Tech Chat]
· 'The antivirus industry sucks' [Security]