Author Topic: WMF Vulnerability Avast! Official Confirmation  (Read 20090 times)

0 Members and 1 Guest are viewing this topic.

Offline Zagor

  • Sr. Member
  • ****
  • Posts: 300
  • Well, this should be good!
    • Maybe ? Design
Re: WMF Vulnerability Avast! Official Confirmation
« Reply #30 on: December 31, 2005, 03:08:20 AM »
Would such scan of extra objects be a greater pain for system resources?
Zone Alarm Free         Bit Defender Free      Ad Aware Se Personal
avast!Professional      Ewido S Suite Plus      Microsoft AntiSpyware
Sys Safety Monitor       aSquared Free         Spybot Search&Destroy
Rootkit Revealer                                       Spyware Blaster

Tbird+Firefox2.0 (NoScript+AdBlockPlus+Dr.WebPreLinkScan)+ Win

Offline TAP

  • Sr. Member
  • ****
  • Posts: 201
  • I'm a llama!
Re: WMF Vulnerability Avast! Official Confirmation
« Reply #31 on: December 31, 2005, 03:14:52 AM »
Would such scan of extra objects be a greater pain for system resources?


I haven't noticed any *greater* slow down in system performance or internet connection speed at all.

Offline Zagor

  • Sr. Member
  • ****
  • Posts: 300
  • Well, this should be good!
    • Maybe ? Design
Re: WMF Vulnerability Avast! Official Confirmation
« Reply #32 on: December 31, 2005, 03:18:43 AM »
Nice!  8)
Zone Alarm Free         Bit Defender Free      Ad Aware Se Personal
avast!Professional      Ewido S Suite Plus      Microsoft AntiSpyware
Sys Safety Monitor       aSquared Free         Spybot Search&Destroy
Rootkit Revealer                                       Spyware Blaster

Tbird+Firefox2.0 (NoScript+AdBlockPlus+Dr.WebPreLinkScan)+ Win

Offline curious!

  • Avast Evangelist
  • Poster
  • ***
  • Posts: 531
Re: WMF Vulnerability Avast! Official Confirmation
« Reply #33 on: January 04, 2006, 12:23:29 AM »
The newest pattern did it for me. I hope, avast not just added the heise.de demo exploit to their pattern but have a more common approach in detecting variants of this exploit. There seems to be virus gernerators out in the wild who allow almost anybody to inject harming code in wmf-files.

No, this detection is really a generic detection of the "exploit" itself - the previous detections (Win32:Exdown) were removed from the database.


This is indeed the answer to the question I asked in this thread when I started it 30.12.05. I asked for an official confirmation that the WMF exploit was covered by Avast!. As far as I can interpret this answer from another thread there was NO generic detection at the time I raised the question the first time.  ;)

Why not answer that?  >:(

Well, now the answer to my question is indeed YES and I am again a happy Avast! user.  ;D


HL