Microsoft Responds to WMF Vulnerability

Blogged under Software News by Dr. Byte on Monday 16 January 2006 at 7:55 pm

In an entry on the Microsoft Security Response Center Blog, Stephen Toulouse explains exactly how the WMF flaw could be triggered. BetaNews has an overview of the company’s response. This code exists on every version of Windows since version 3.0, security firms have said. When this functionality was introduced, Toulouse said the security landscape differed from what it is now and metafile records were completely trusted by the operating system. Gibson claimed that the flaw could be exploited only by using a byte size of 1 in the metafile record, which Toulouse says is incorrect. He surmised that Gibson’s tests had the offending function as the last entry in the metafile, which caused only incorrect sizes to trigger the flaw.

Related Articles
  • Two New WMF Bugs Found
  • WMF Vulnerability is an Intentional Backdoor?
  • WMF back door theory denied, again
  • British parliament attacked using WMF exploit
  • New IM Worm Exploiting WMF Vulnerability

    • No Comments »

    No comments yet.

    RSS feed for comments on this post. TrackBack URI

    Leave a comment

    You must be logged in to post a comment.

    Today In Tech todayintech.info © 2005 -