If you follow the tech news, you're probably already aware of a very serious Windows bug that is now starting to be widely exploited by hackers / spyware / trojans, that by simply viewing a specifically malformed picture / image file (even if just viewing it on a webpage), you can have your system infected.
You can read more about the official story from several internet News sites, one such as this: http://news.bbc.co.uk/2/hi/technology/4580852.stm
and Here (http://news.yahoo.com/s/lifehacker/20060105/tc_lifehacker/unofficialwindowspatchreleasedpcstrembleinwait;_ylt=AhbAcnHjtLG5NVUB2EtVdvgjtBAF;_ylu=X3oDMTA5aHJvMDdwBHNlYwN5bmNhdA--)Ã, and Here. (http://edition.cnn.com/2006/TECH/internet/01/04/microsoft.patch.reut/index.html)
More detailed information about this nasty bug can currently be found here:
http://isc.sans.org/diary.php ,here http://handlers.dshield.org/jullrich/wmffaq.html
and here
http://www.f-secure.com/weblog/archives/archive-012006.html#00000768
Micro$oft does not as of yet have a patch to fix this problem (it's in the works still), and they are trying to downplay the seriousness of the flaw.Ã,Â
As far as I know most all version of Windows are vunerable to this bug.Ã, MicroSoft does not officially support some older versions of Windows, and you may not want to take the risk of having a very serious bug that hackers world-wide are working hard to exploit it as much as possible, while you wait untill MicroSoft finally decides to release a patch.
So, in the meantime, there is a vunerability-checker and an "unofficial" patch that can be downloaded and installed from the following site: http://www.hexblog.com/
This "unofficial" patch has been recommended by many security websites and is deemed to be safe and fully un-installable (that being said, installing any such files is at the users own risk, but I think it's more of a risk not to install some kind of protection while waiting for Micro$oft to get off their ass regarding this problem).
Keep your anti-virus up to date, be careful of opening strange emails or clicking on suspicious links. This is one of the most serious Windows bugs ever exposed, so take care.
Best wishes.
Microsoft have been pretty stupid lately, first all that crap with the 360s, now another bug exposed in windows and they're trying to avoid it. If they want people to actually support them in the future, they should really act more responsibly than releasing a bunch of buggy machines that they claim to have been "fully tested" and now trying to avoid an outcry about a serious bug by pretending it's not important.
Good programmers rewrite code. Microsoft programmers just try to "patch" up the bugs rather than doing a very necessary rewrite. That's what I've been noticing in Windows, is that even the latest versions of Windows are all built on the really early stuff.
Yeah. I've been following this since december. I've been using the unofficial patches for a while now. Also. if you have google desktop installed, get rid of it immediately.
Quote from: mwahahaha on Thu 05/01/2006 23:12:04
Microsoft have been pretty stupid lately, first all that crap with the 360s, now another bug exposed in windows and they're trying to avoid it.Ã, If they want people to actually support them in the future, they should really act more responsibly than releasing a bunch of buggy machines that they claim to have been "fully tested" and now trying to avoid an outcry about a serious bug by pretending it's not important.
it's not actually a bug, it's a feature in WMF files that allows code to be executed which was a good idea at the time.
it's not microsoft's fault there are a bunch of pricks about creating these viruses either.
Just don't open a wmf file.. It's not like huge claws are going to reach through the screen and devour your head.
The media is in a lull of news so now they latch on to stuff like this. It's NOT that bad.
Quote from: BOYD1981 on Thu 05/01/2006 23:20:10
it's not actually a bug, it's a feature in WMF files that allows code to be executed which was a good idea at the time.
Novel!
Imagine the amount of genius that it took to come up with that brilliant idea.
Quote from: [lgm] on Thu 05/01/2006 23:20:56
Just don't open a wmf file..
The files can be masked as any image format. Only a small amount of these viruses actually end in .wmf
Quote from: Geoffkhan on Thu 05/01/2006 23:22:50
Quote from: BOYD1981 on Thu 05/01/2006 23:20:10
it's not actually a bug, it's a feature in WMF files that allows code to be executed which was a good idea at the time.
Novel!
Imagine the amount of genius that it took to come up with that brilliant idea.
it was a useful idea at the time and was meant for faxes, something to do with callback code or something (this is back in the days of win3.11), but there weren't as many internet users back then who were shitheads that would exploit it.
stuff like that could be very useful but some turd would come along and exploit it.
And it also (as far as i can tell) is only in xp pro, not home edititon.
Tested to go back all the way to windows 98, without a patch for it :)
Quote from: Haddas on Thu 05/01/2006 23:52:46
Tested to go back all the way to windows 98, without a patch for it :)
Really? Oh, then damn...
http://www.microsoft.com/technet/security/Bulletin/MS06-001.mspx
hmm? Official patch? Well i've just installed it.
funny that my windows wants to update at the moment it must be Chicky
MS has released a patch. Considering the unofficial one was leaked from MS, I think not waiting 10 days (as previously planned) was probably a smart move. The .WMF, by the way, could be masked as another image file (say a .jpg) embedded in a webpage, and still manage to execute code.
Anyway, the patch is obtainable now via the usual WinUpdate (which has gotten more high-security setting / firefox friendly).
Windows Update has never worked on my pc, all the updates fail to install, i don't see why the hell they can't just release single downloadable files like they used to instead of pimping their wares...
So they can track down how frequently would you visit p0rn sites.
Yay! As just mentioned above in this thread, they finally decided released an "official" patch now.
I guess Micro$oft was getting too much heat over the problem and that they initially were going to wait untill the regular Security-Update cycle to release a patch to fix the WMF bug (as probably they may have been earlier thinking if they released the patch out-of-cycle, then it'd be an admission of the seriousness of the flaw, and, heck, Micro$oft is near flawless in it's monopoly wisdom isn't it?Ã, ;) ).
You can read a recent news article about the Microsoft Patch release here:
http://edition.cnn.com/2006/TECH/internet/01/05/wmfflaw/index.html
Though, I notice, they are not supporting older Windows version such asÃ, 98 and ME, so if you're running one of those older Windows versions it still might be wise to apply the "un-official" patch.
Best regards.
I recall the unofficial pathces morking for 98. However I haven't checked it in a few days. All that was needed for an infection was a 1x1 transparrent image :)
People still use Windows?
Yeah, this thing... I work over at a site called SonicVerse Team (http://www.sonicverseteam.com/) as admin and our place was somehow compromised and these wmf files embedded into our pages. We've managed to isolate them, but it's still good news that the patch has been released. I'll let them all know.