Author Topic: New WMF-bug on the loose  (Read 1839 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
New WMF-bug on the loose
« on: August 09, 2006, 07:06:00 PM »
Just when you stopped having nightmares about the Windows MetaFile (WMF) bug of '05: now there's a new WMF exploit in the wild.

A researcher with the pseudonym of cyanid-E yesterday published a new WMF vulnerability, which he says he reported to Microsoft in late June. The vulnerability exploits the same GDI Client DLL library (gdi32.dll) as did the previous zero day WMF flaw WMF flaw, which was a major security problem for enterprises.

This bug for the moment only crashes the browser, but it is well
possible that a malicious hacker can upgrade it for remote access.

polonus
« Last Edit: August 09, 2006, 10:15:02 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88899
  • No support PMs thanks
Re: New WMF-bug on the loose
« Reply #1 on: August 09, 2006, 08:46:23 PM »
Well lets hope the avast generic 'MS06-001 WMF Exploit' signature will recognise the new variant. http://www.avast.com/eng/wmf_exploit.html
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security