Windows Metafile Vulnerability - Notes

Notes

  1. ^ Security Watch: Iniquitous Images Imperil the Internet!, Larry Seltzer, PC Magazine.
  2. ^ A Description of the Image Preview Feature in Windows Millennium Edition, Microsoft.
  3. ^ sunbeltblog.blogspot.com Microsoft clarifies DEP issue
  4. ^ Library for non-Windows operating systems to run WMF files.
  5. ^ Linux/BSD still exposed to WMF exploit through WINE, ZDNet.
  6. ^ It's not a bug, it's a feature, F-Secure.
  7. ^ Exploit-WMF, by McAfee
  8. ^ Does Windows Patch Without Permission?
  9. ^ Microsoft Security Advisory (912840) - Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution, Microsoft Official Advisory on the vulnerability.
  10. ^ http://www.hexblog.com/2005/12/wmf_vuln.html, unofficial patch by Ilfak Guilfanov.
  11. ^ Trustworthy Computing, SANS Institute Internet Storm Center.
  12. ^ Ilfak to the rescue!, F-Secure.
  13. ^ Trustworthy Computing, Slashdot. Linking to SANS Institute Internet Storm Center's article titled Trustworthy Computing (see above).
  14. ^ .MSI installer file for WMF flaw available, SANS Institute Internet Storm Center.
  15. ^ How to Configure Memory Protection in Windows XP SP2, software-enforced Data Execution Prevention (DEP) feature in Microsoft Windows XP SP 2.
  16. ^ How to improve browsing performance in Internet Explorer (KB153790), Microsoft.
  17. ^ Images are blocked when you open an e-mail message in Outlook Express on a Windows XP Service Pack 2-based computer (KB843018), Microsoft.
  18. ^ http://www.nod32.ch/en/download/tools.php Unofficial WMF patch by Paolo Monti distributed by ESET.
  19. ^ http://blogs.securiteam.com/index.php/archives/210 Unofficial Windows 98SE patch by Tom Walsh.

Read more about this topic:  Windows Metafile Vulnerability

Famous quotes containing the word notes:

    ‘Tis the gift to be simple ‘tis the gift to be free
    ‘Tis the gift to come down where you ought to be
    And when we find ourselves in the place just right
    ‘Twill be in the valley of love and delight.
    —Unknown. ‘Tis the Gift to Be Simple.

    AH. American Hymns Old and New, Vols. I–II. Vol. I, with music; Vol. II, notes on the hymns and biographies of the authors and composers. Albert Christ-Janer, Charles W. Hughes, and Carleton Sprague Smith, eds. (1980)

    The germ of violence is laid bare in the child abuser by the sheer accident of his individual experience ... in a word, to a greater degree than we like to admit, we are all potential child abusers.
    F. Gonzalez-Crussi, Mexican professor of pathology, author. “Reflections on Child Abuse,” Notes of an Anatomist (1985)

    A little black thing among the snow
    Crying “’weep, ‘weep,” in notes of woe!
    “Where are thy father & mother? say?”
    “They are both gone up to the church to pray.
    William Blake (1757–1827)