New WMF Vulnerabilities Found



John Stith
Staff Writer
2006-01-10



Microsoft continues to have problems with its WMF handling. While the zero-day problem was corrected, other problems have cropped up around the very same program. Microsoft released the fix last week, but it looks like the company has some more work to do.

More WMF Problems Creep Up

The new problems involve two different functions, "ExtCreateRegion" and "ExtEscape." The function originally exploited was "SetAbortProc." These are multiple memory corruption vulnerabilities. While the new findings are real problems, they aren't quite as serious as the original one. The problem shows up when users view malicious WMF files containing specially crafted data.

The effects of this exploit are still in some dispute. It's been established that these vulnerabilities lead to denial-of-service attacks. There's some debate, however, as to whether or not arbitrary code execution is possible. Alex Eckelberry said on his Sunbelt Blog:

Any code execution that occurs will be with the privileges of the user viewing a malicious image. An attacker may gain SYSTEM privileges if an administrator views the malicious file.

He went on to say in an update that:

His vulnerability is more related to triggering a denial of service attack on a vulnerable system. The exploit code we have observed does not prove that code could be run on a machine (unlike the last WMF exploit), but this type of danger is always an issue with buffer overflows. We will keep this blog updated with the latest relevant news.

These vulnerabilities are just the newest in a large number of security problems Microsoft has had with Windows in recent years. These were more prominent in XP, although they stretched across the Windows product line. The problems continue to occur, and Microsoft has not even fixed all the problems in this one application. Who knows what else is in there?

As Microsoft gears up for the release of Windows Vista this year, one can only hope these issues will be overcome. Windows isn't cheap software, and users have a reasonable expectation that their computers should be safe from harm. Microsoft must be more aggressive in tracking down these issues, not only in existing versions of Windows but in the upcoming Vista as well. Otherwise, loyal customers will continue to suffer for Microsoft's lack of diligence.






About the Author:
John is a staff writer for SecurityProNews covering cyber security.
