Friday, July 1, 2022
  • Home

New High Quality Temporary WMF Exploit Patch Available!

January 3rd, 2006 by Zack Whittaker

Quick Background:
The active exploitation of a very serious vulnerability in all versions of Windows was discovered in late December. Word of this spread rapidly through the hacker community — many of whom where presumably on holiday vacation from school, bored, and looking for something to do.

So several days later nearly one hundred different instances of exploitation of this newly discovered vulnerability had been found. Note that this is not a “new vulnerability” — it (and perhaps other similar bugs) have been lying unknown in Windows since 1991. What’s “new” is the discovery of this long-present vulnerability in Windows’ metafile processing.

Almost immediately there were reports of an MSN Messenger worm, and now F-Secure is reporting that “Happy New Year” SPAM eMail is carrying an exploit. Anti-Virus vendors quickly updated and began pushing out their A-V signature files. These have been effective, but a new very flexible exploit generation tool has appeared that’s able to create so many different variations of the exploit that A-V signatures are having trouble keeping up.

Microsoft responded with an acknowledgement of the problem which included a very weak workaround (the shimgvw.dll unregistration) that provides very little protection. There’s is not a cure, and it is not known how long the Windows user community will now be waiting for a true patch from Microsoft.

Ilfak Guilfanov produced a highly-effective true patch which successfully suppresses all known exploitable vulnerabilities for anyone using Windows 2000, XP, server 2003, or 64-bit XP. No patch is available for Windows 95, 98, ME or NT, and none is expected to be forthcoming. But anyone using Windows 2000, XP, server 2003, or 64-bit XP should IMMEDIATELY install Ilfak’s exploit suppressor into all of their systems.

Download: ZackNET Server

Posted in Bugs, Security | Comments Off on New High Quality Temporary WMF Exploit Patch Available!

This entry was posted on Tuesday, January 3rd, 2006 at 1:47 pm and is filed under Bugs, Security. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

Comments are closed.