FRIHOSTFORUMSSEARCHFAQTOSBLOGSCOMPETITIONS
You are invited to Log in or Register a free Frihost Account!


Windows .wmf flaw





sonofsneaker
Hi,

There is a new Microsoft Windows flaw. This effects all versions of Windows (i.e. 95,98,2000,XP etc.). The Vulnerability is WMF files. Note that this is not a "new vulnerability" — it (and perhaps other similar bugs) have been lying unknown in Windows since 1991. What's "new" is the discovery of this long-present vulnerability in Windows' metafile processing. If you use Windows 2000 or XP there is a temporary fix. Go to http://grc.com/sn/notes-020.htm to see more about this issue, and fix this issue.
DX-Blog
Note: Users with windows 1.0 or 2.0 are safe Laughing

This is definately the biggest ****** up of microsoft ever, come on, 14 years and still have the same bug in your software? Razz That's a major security flaw, lol.
sonofsneaker
This and other security reasons is why I'm a Mac user. If Microsoft can't even get it together to fix a 14 year old bug, then why do we still use Microsoft products? I think that perhaps in the near future, everbody is going to start to migrate over to Macintosh. In 2005 alone, at least 1,000,000 users switched from Windows to Mac OS. Probably because they were sick and tired of dealing with all of the Virus's, Spyware, and now Rootkits.
DX-Blog
sonofsneaker wrote:
This and other security reasons is why I'm a Mac user. If Microsoft can't even get it together to fix a 14 year old bug, then why do we still use Microsoft products? I think that perhaps in the near future, everbody is going to start to migrate over to Macintosh. In 2005 alone, at least 1,000,000 users switched from Windows to Mac OS. Probably because they were sick and tired of dealing with all of the Virus's, Spyware, and now Rootkits.

You should not forget that the desire for more people to start using the same OS as you do will be your own downfall. The reason why spyware, virusses, etc are so popular for windows is because by far the biggest amount of people use it. Why would someone spent the time to create a virus which will only affect a small amount of people? It will be a waste of time outside of educational purposes. Since you have to realise that even the best virusses only get to a minor part of the total computer systems.

With windows this builds up since it can easily spread amongst eachother. But with a way less amount of mac users the virus will basically have nowhere to go and will probably affect next to nothing.

Same goes for linux, there are some virusses around, but they are so horribly that you have to execute every single one of them yourself basically before it has any effect.

The moment the majority will use either linux or macs though there will be done much more research into those operating systems by the people making the virusses, just to attack them. In the end it will always be the most popular which will be getting the downfall and the only true way of preventing that from happening to your system is to never fully rely on your OS.
Daniel15
I hope they release a fix for Windows 3.0 Very Happy

Quote:
This is definately the biggest **** up of microsoft ever, come on, 14 years and still have the same bug in your software? That's a major security flaw, lol.

Windows is a huge program! It's really hard for Microsoft to find a bug like this one, since they have heaps of code. What makes it worse is that Windows isn't open-source, so only the developers can find bugs in the coding (whereas with open-source programs, anyone can get the source and help find bugs).

I don't think that it was discovered until now. It was probably just hiding in the Windows coding, and someone was playing around and discovered it. It's not like Microsoft does any real bug tracking...

P.S Who still uses WMF files, anyway? They're old.
sonofsneaker
It's really sad that there are hackers that love to make people's computers not perform as they should. (Not even work in some cases). However, I guess it provides jobs for computer tech's to fix them.
thedon12991
yah i dont believe for one second. If this has been around 14 years and the hacking community knows about it all and well, this would be the biggest flaw they would use. I know how to hack(never done it illegaly) and i have never heard of it before, nor has any of my friends that know how to hack ever mentioned it. Its just another internet myth that gets created every day. the only place i would believe this, if it was posted on, was at microsoft.com
David_Pardy
Actually, GRC (Gibson Research Corporation) is well-known and respected in the Windows community. They have released several patches for critical vulnerabilities in Windows over the years.

I use Windows because a lot of the games I play need it. Go figure.
thedon12991
I still have never heard of the exploit and i will ask around at some other forums if they have ever heard of it
sonofsneaker
I don't think Microsoft loves to talk about there mistakes. I think at times they don't tell about the flaw so that it doesn't attract tons of hacks.
iridios
daniel15 wrote:
I hope they release a fix for Windows 3.0 Very Happy

Quote:
This is definately the biggest **** up of microsoft ever, come on, 14 years and still have the same bug in your software? That's a major security flaw, lol.

Windows is a huge program! It's really hard for Microsoft to find a bug like this one, since they have heaps of code. What makes it worse is that Windows isn't open-source, so only the developers can find bugs in the coding (whereas with open-source programs, anyone can get the source and help find bugs).

I don't think that it was discovered until now. It was probably just hiding in the Windows coding, and someone was playing around and discovered it. It's not like Microsoft does any real bug tracking...

P.S Who still uses WMF files, anyway? They're old.


What really makes it worse is that it wasn't a bug, but an actual coded feature of WMF files. Microsoft just forgot to close the hole when it was no longer needed.

smooshkin wrote:
Did Microsoft design this vulnerability on purpose?
Microsoft first allowed .wmf file extensions to carry executable code at least as far back as Windows 3.0, Websense says. This was to enable Windows to cancel print jobs using the file format, and the developers in that simpler era apparently didn't imagine it would be used for anything more malicious.

A layer of backward compatibility folded into modern Windows kept the security hole alive below the surface of the operating system.
sonofsneaker
OK here's something really sad about this flaw. They just found out that the same flaw is in Windows Vista. Check this link out for more on this. http://weblog.infoworld.com/daily/archives/2006/01/windows_vista_h.html?source=NLC-DAILY2006-01-17?source=NLC-DAILY2006-01-17 So What do you think about this?
KHO
No, windows could have a flaw Neutral Blasphemy! Neutral
Alright every windows user, see that little "mini-window" that pops up asking you to update windows everytime you boot? Don't ignore it Neutral. For those of you who do ignore it, l sure hope you have some good protection, because outdated holes in windows can really give you a headache Neutral.
sonofsneaker
This is why using a Mac was never so much nicer. I (for the time being) don't have to worry about security holes in OS X.
d722002
DO NOT DOWNLOAD THE UPDATE!

I did. It caused several programs to malfunction, including Outlook Express and MS Flight Simulator 2004. It blocked off some ports that are necessary to these programs...
Ping
Pretty Bad bug on behalf of MSFT. I remember geting infected with a zero day trojan a while ago and reformated and thought nothing of it...little did i know it was a WMF exploit. I think all this publicity will give virus/trojan makers idea's to make these esploits-and inturn become more and more common.
Related topics
Cheaper to patch--Windows or open source?
Linux or Windows on your computer?!
Windows Tips&tricks!
IRam Boosts Windows Boot
Spoofing in Mozilla ( FireFox) browser flaw
Windows Vista Official Thread
Grave falla de Windows obliga a adelantar una solución
el fallo d wmf - atencion actualiza tu windows!!
[ALERT] Second Metafile Vulnerability in Windows!
MS Discloses Limited WMF Vulnerability
Exploits in the wild for IE6 flaw growing!
Windows XP vs Mac OS X
Critical flaw found in Photoshop plug-in
Windows 7 beta.its fantastic
Reply to topic    Frihost Forum Index -> Computers -> Software

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.