New Windows Vulnerability.

Belisarius · 01-03-2006, 03:28 PM

I try not to be too much of a chicken-little on these things, and I'm usually not too concerned about viruses as I use best-practices, but the buzz surrounding this vulnerability is pretty intense. The rumor is that it *isn't* reliability picked up by virus scanners, and (I didn't even think this was possible) is imbedded in images. That means all you need to do is view a website (I think message boards are particularly vulnerable as seed-points) with an infected image and you've got it.

Sans message. Slashdot articles here and here.

Microsoft isn't planning on pushing out an update for about a week, but if a working virus hits first, it sounds like there's no real defense. Sans is suggesting that people install a third-party patch they have tested and are hosting here until the official MS patch comes out. I've installed it and so far my computer hasn't exploded, so take that as you will . . .

DJMaze · 01-03-2006, 04:53 PM

Thank god i don't use WindowsMediaFiles.

Belisarius · 01-03-2006, 05:25 PM

The problem is that I could simply rename a .wmf file as a .jpg, and Windows will look at the *header* information and load the file anyways.

DJMaze · 01-05-2006, 05:57 AM

Shure but which windows ?
I use plain Windows 2k because i hate all that embedded picture viewing, audio reading and IE

Belisarius · 01-05-2006, 01:55 PM

All of them. Seriously. It's a problem with legacy code introduced in Windows 3.0, and included in every version since.

Belisarius · 01-05-2006, 02:01 PM

Official Microsoft Fix can be found here:
http://www.microsoft.com/technet/sec.../ms06-001.mspx