WMF back door theory denied, again
Mark Russinovich, an independent Windows security expert, has analyzed the Windows Meta File vulnerability and suggestions that it might be an intentional back door.
“Steve Gibson (of SpinRite fame) proposed a theory in his weekly Thursday-night podcast last week that, if true, would be the biggest scandal to ever hit Microsoft–that the WMF vulnerability that drew so much media attention last month is actually a back door programmed intentionally by Microsoft for unknown reasons,” Russinovich wrote on his blog Wednesday.
“I finished my analysis… over the weekend. In my opinion the back door is one caused by a security flaw and not one made for subterfuge,” Russinovich wrote. “Given a choice of believing there was malicious intent or poor design behind this implementation, I?ll pick poor design… I’m convinced that this behavior, while intentional, is not a secret backdoor.”
He also provides a technical look at the WMF issue and Gibson’s claims.
Microsoft last week also discussed the problem and said it was not an intentionally created back door.