Results 1 to 12 of 12

Thread: Windows Image Vulnerability (a.k.a. the "Damn it, another one?!" thread)

Hybrid View

  1. #1
    Veteran Trainer
    Veteran Trainer

    Join Date
    Sep 2002
    Location
    The Fanfiction Forum
    Posts
    19,535

    Default Windows Image Vulnerability (a.k.a. the "Damn it, another one?!" thread)

    Well, as Bill Gates showcases the new Windows Vista OS, yet another weakness in all previous Windows systems has come to light. This time it's in the form of an attack using internet image files, especially WMF images. I heard that McAfee issued some sort of press release saying that about 6% of its customers had already been infected - and that's really bad, considering that McAfee is one of the leading antivirus program companies.

    Anyway, is this anything to worry about? Microsoft says it hopes to release a patch for the problem by the 10th, so that should hopefully plug up the leak, but is this as big of a problem as some sites are making it sound? Just wondering about your opinions.

    Some information on the vulnerability and the patch(es) can be found here.


    EDIT: Actually, I didn't read that article closely enough; apparently the problems only extend to Windows XP with service packs 1 and 2 and Win 2003 with service pack 1. My bad.

    (Dang, my college got really panicky over this one... >_>)
    IT HAS RETURNED.
    THE TPM MAIN SITE.

    Quote Originally Posted by Gavin Luper View Post
    Holy crap ... I'VE become a grammar nazi, too.

  2. #2

    Default Re: Windows Image Vulnerability (a.k.a. the "Damn it, another one?!" thread)

    They can be any image files on the Internet infected with a virus. Of course if you find an infected image using Internet Explorer you'll be doomed straight away whereas Firefox asks if you want to run some scripts or something while looking at an image so just decline.

  3. #3
    Advanced Trainer
    Advanced Trainer
    Sceptile_Master's Avatar
    Join Date
    Mar 2004
    Posts
    1,657

    Default Re: Windows Image Vulnerability (a.k.a. the "Damn it, another one?!" thread)

    No firefox wont even read it as if the scripts existed if my knowledge is correct. Along with Opera and all being immune probably too. If my theory is correct anyways. Plus mcAffees is as bad as a virus itself. It's a pathetic excuse for a virus program. Same for norton.
    Pokemon Pearl FC: 3479 9091 3139

  4. #4
    Veteran Trainer
    Veteran Trainer

    Join Date
    Sep 2002
    Location
    The Fanfiction Forum
    Posts
    19,535

    Default Re: Windows Image Vulnerability (a.k.a. the "Damn it, another one?!" thread)

    Okay, thanks. That's very helpful, considering I use Firefox. And in regards to virus programs, I use a cluster of unusual ones. Norton's worthless, and I guess McAfee's worse. But that's to be expected; after all, leading the industry essentially puts a target on the backs of antivirus companies.

    I appreciate the clarifications!
    IT HAS RETURNED.
    THE TPM MAIN SITE.

    Quote Originally Posted by Gavin Luper View Post
    Holy crap ... I'VE become a grammar nazi, too.

  5. #5
    Administrator
    Administrator

    Join Date
    Apr 2001
    Posts
    19,363

    Default Re: Windows Image Vulnerability (a.k.a. the "Damn it, another one?!" thread)

    All versions of Windows since Win98 are vulnerable. Firefox users are still vulnerable if they have caching turned on (and 100% of everyone does), because the image is still stored on the hard drive and as soon as you access it, oops you're boned.

    You're not automatically invulnerable to everything just because you use an alternative browser. The best Firefox users are the ones who recognise Firefox's weaknesses.

    Microsoft have released a patch for this. Get it through Windows Update.
    n/t

  6. #6
    Advanced Trainer
    Advanced Trainer
    Sceptile_Master's Avatar
    Join Date
    Mar 2004
    Posts
    1,657

    Default Re: Windows Image Vulnerability (a.k.a. the "Damn it, another one?!" thread)

    I thought IE was the only browser that actually was compatible with wmf images though. Although it was a rough recall from my memory when I studied images.
    Pokemon Pearl FC: 3479 9091 3139

  7. #7
    Veteran Trainer
    Veteran Trainer

    Join Date
    Sep 2002
    Location
    The Fanfiction Forum
    Posts
    19,535

    Default Re: Windows Image Vulnerability (a.k.a. the "Damn it, another one?!" thread)

    Are you sure that Microsoft's released a patch? I remember that there was a third-party patch, and that Microsoft hoped to have one ready by the 10th, but I don't see one available through Windows Update right now. The only thing available is the "Microsoft .NET Framework 1.1 Service Pack 1". And that doesn't really sound like the patch in question, from what I can tell. Maybe I'm just growing ever-more computer illiterate, though...
    IT HAS RETURNED.
    THE TPM MAIN SITE.

    Quote Originally Posted by Gavin Luper View Post
    Holy crap ... I'VE become a grammar nazi, too.

  8. #8
    Administrator
    Administrator

    Join Date
    Apr 2001
    Posts
    19,363

    Default Re: Windows Image Vulnerability (a.k.a. the "Damn it, another one?!" thread)

    Quote Originally Posted by mr_pikachu
    Are you sure that Microsoft's released a patch? I remember that there was a third-party patch, and that Microsoft hoped to have one ready by the 10th, but I don't see one available through Windows Update right now.
    Maybe it isn't. My mistake. It doesn't make sense why it's not there though. Either way, you can get it from this security bulletin instead: http://www.microsoft.com/technet/sec.../MS06-001.mspx

    edit: I'm informed by numerous reputable sources that there is indeed a high priority fix for this in Windows Update, and it's also automatically installed through Automatic Updates so you might not have noticed it being installed.



    Quote Originally Posted by Sceptile_Master
    I thought IE was the only browser that actually was compatible with wmf images though. Although it was a rough recall from my memory when I studied images.
    WMF images are nothing to do with Internet Explorer. WMF is a Microsoft-produced vector graphics format that is used most often (although not exclusively) for Microsoft Office clip art.
    n/t

  9. #9
    Advanced Trainer
    Advanced Trainer
    Sceptile_Master's Avatar
    Join Date
    Mar 2004
    Posts
    1,657

    Default Re: Windows Image Vulnerability (a.k.a. the "Damn it, another one?!" thread)

    Ok thanks for clearing that as it's been along time since I looked up on images. So am I right in saying Microsoft office uses the WMF format for embedding images into the documents it produces. Does that mean this problem is most common in sites produced in such programs as word and publisher?
    Pokemon Pearl FC: 3479 9091 3139

  10. #10
    Veteran Trainer
    Veteran Trainer

    Join Date
    Sep 2002
    Location
    The Fanfiction Forum
    Posts
    19,535

    Default Re: Windows Image Vulnerability (a.k.a. the "Damn it, another one?!" thread)

    Thank you. I appreciate the help. I assume that it must've installed itself during an automatic update, because I still don't see that particular item on the update list. That'll bring me a little peace of mind, especially considering how often there are images on this board in avatars, signatures, and within the posts themselves. Thanks again!
    IT HAS RETURNED.
    THE TPM MAIN SITE.

    Quote Originally Posted by Gavin Luper View Post
    Holy crap ... I'VE become a grammar nazi, too.

  11. #11
    Administrator
    Administrator

    Join Date
    Apr 2001
    Posts
    19,363

    Default Re: Windows Image Vulnerability (a.k.a. the "Damn it, another one?!" thread)

    Quote Originally Posted by Sceptile_Master
    So am I right in saying Microsoft office uses the WMF format for embedding images into the documents it produces.
    No, a large proportion of Microsoft Office programs use either bitmaps or the original file type for embedding images.

    Quote Originally Posted by Sceptile_Master
    Does that mean this problem is most common in sites produced in such programs as word and publisher?
    No, only specially-crafted WMF files contain the exploit. Web sites built using Word or Publisher would only carry the exploit if their authors embedded a specially-crafted WMF file in a page of the site. Speaking of which, any webmaster who uses Word or Publisher to create a web site should be immediately sterilised.
    n/t

  12. #12
    Advanced Trainer
    Advanced Trainer
    Sceptile_Master's Avatar
    Join Date
    Mar 2004
    Posts
    1,657

    Default Re: Windows Image Vulnerability (a.k.a. the "Damn it, another one?!" thread)

    I know what you mean. I saw a small web page that was extremely small and consisted of a nav bar at the side and two paragraphs of text. It's source code was over 20,000 lines long because of M$ publisher. Meaning it's total file size was about 830kb. I bet that person has some serious bandwidth problems.
    Pokemon Pearl FC: 3479 9091 3139

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •