Boards.ie

**Capt'n Midnight** · 30-12-2005, 19:02

Quote:

The vulnerability is caused due to an error in the handling of Windows Metafile files (".wmf")... Such records allow arbitrary user-defined function to be executed when the rendering of a WMF file fails. This can be exploited to execute arbitrary code by tricking a user into opening a malicious ".wmf" file in "Windows Picture and Fax Viewer" or previewing a malicious ".wmf" file in explorer (i.e. opening a folder containing a malicious image file).

The vulnerability can also be exploited automatically when a user visits a malicious web site using Microsoft Internet Explorer.

NOTE: Exploit code is publicly available. This is being exploited in the wild. The vulnerability can also be triggered from explorer if the malicious file has been saved to a folder and renamed to other image file extensions like ".jpg", ".gif, ".tif", and ".png" etc.

"F-Secure reports detecting 57 different malicious WMF files in the wild so far."
http://www.sans.org/newsletters/risk Alert Vol. 4 No. 52

Quote:

Originally Posted by The_Edge

If your concerned for you security on the web please follow these steps until Microsoft releases a patch for it. This will unregister, or "disable" for want of a better word, the file that is causing this exploit.

1. Click on the Start button on the taskbar.
2. Click on Run...
3. Type "regsvr32 /u shimgvw.dll" to disable.
4. Click ok when the change dialog appears.

**Capt'n Midnight** · 06-01-2006, 00:48

Patch for
Microsoft Security Bulletin MS06-001
[SIZE=1]Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919)
more
http://www.boards.ie/vbulletin/showp...0&postcount=19

**Capt'n Midnight** · 11-01-2006, 13:16

Second Tuesday again
http://www.microsoft.com/technet/sec.../MS06-002.mspx
Microsoft Security Bulletin MS06-002
Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution (908519)

The recent WMF patch protects IE from dodgy images, this one is to protect IE from dodgy text. Also there is some speculation that the WMF hole in GDI.exe could have been present as far back as Windows 3.0 so you can't assume IE will ever be safe even if it goes 6 months without needing a patch.

Alternatives to IE
http://www.opera.com - Best out of the box browser, closed source but so far the most secure windows browser.
http://www.mozilla.com - most tweakable browser, open source, generally needs patching more often than opera

**Capt'n Midnight** · 25-10-2008, 12:56

http://www.microsoft.com/technet/sec.../ms08-067.mspx
On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit.

**Capt'n Midnight** · 17-12-2008, 21:02

http://www.microsoft.com/technet/sec.../ms08-078.mspx

The vulnerability could allow remote code execution if a user views a specially crafted Web page using Internet Explorer

**Capt'n Midnight** · 10-06-2011, 11:22

Lots of patching to do next week.
http://www.microsoft.com/technet/sec.../ms11-jun.mspx

http://www.theregister.co.uk/2011/06...une_pre_alert/

Quote:

Nine of the bulletins earn the dread rating of critical, while the other seven grapple with flaws rated as important. All supported versions of Windows will need patching on 14 June along with various server-side software packages and applications, including the .NET framework and SQL Server. Internet Explorer, which is affected by two bulletins, will also need some fiddling under the bonnet.

Office suites also need to be updated thanks to a security fix for Excel that also affects the Mac OS X version of the product as well as virtually all versions of the spreadsheet software on Windows, including the most recent 2010 and 2011 editions of the software.

**Capt'n Midnight** · 06-07-2012, 10:33

https://secunia.com/vulnerability_scanning/personal/
Must say I'm impressed with the new version. It will patch most of your applications with minimal fuss. You could set it up for your Granny.

RUCKING FETARD · 16-08-2012, 00:41

Microsoft and Adobe Keep IT Busy with Critical Security Patches

**Capt'n Midnight** · 09-04-2013, 21:50

Reminder - new patches for windows / IE out now.

**Capt'n Midnight** · 15-05-2013, 15:10

Just a reminder it's that time of the month again.

http://technet.microsoft.com/en-us/s...letin/ms13-may
Patches for IE6 through IE10 and Office , usual Remote Code Execution stuff

The first patches say there might be less damage if you aren't logged in with admin rights, which is then undermined because the last patch is about attackers gaining elevated privileges anyway.

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search

06-01-2006, 00:48	#17
Capt'n Midnight 00:00 Join Date: Mar 2003 Posts: 40,663 Adverts \| Friends Mod: Biology, Lifehacking, Popular Science, Windows	Patch for Microsoft Security Bulletin MS06-001 [SIZE=1]Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919) more http://www.boards.ie/vbulletin/showp...0&postcount=19

11-01-2006, 13:16	#18
Capt'n Midnight 00:00 Join Date: Mar 2003 Posts: 40,663 Adverts \| Friends Mod: Biology, Lifehacking, Popular Science, Windows	Second Tuesday again http://www.microsoft.com/technet/sec.../MS06-002.mspx Microsoft Security Bulletin MS06-002 Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution (908519) The recent WMF patch protects IE from dodgy images, this one is to protect IE from dodgy text. Also there is some speculation that the WMF hole in GDI.exe could have been present as far back as Windows 3.0 so you can't assume IE will ever be safe even if it goes 6 months without needing a patch. Alternatives to IE http://www.opera.com - Best out of the box browser, closed source but so far the most secure windows browser. http://www.mozilla.com - most tweakable browser, open source, generally needs patching more often than opera

25-10-2008, 12:56	#19
Capt'n Midnight 00:00 Join Date: Mar 2003 Posts: 40,663 Adverts \| Friends Mod: Biology, Lifehacking, Popular Science, Windows	http://www.microsoft.com/technet/sec.../ms08-067.mspx On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit.

17-12-2008, 21:02	#20
Capt'n Midnight 00:00 Join Date: Mar 2003 Posts: 40,663 Adverts \| Friends Mod: Biology, Lifehacking, Popular Science, Windows	http://www.microsoft.com/technet/sec.../ms08-078.mspx The vulnerability could allow remote code execution if a user views a specially crafted Web page using Internet Explorer

06-07-2012, 10:33	#22
Capt'n Midnight 00:00 Join Date: Mar 2003 Posts: 40,663 Adverts \| Friends Mod: Biology, Lifehacking, Popular Science, Windows	https://secunia.com/vulnerability_scanning/personal/ Must say I'm impressed with the new version. It will patch most of your applications with minimal fuss. You could set it up for your Granny.

16-08-2012, 00:41	#23
RUCKING FETARD Closed Account Join Date: Jun 2012 Posts: 1,432 Adverts \| Friends	Microsoft and Adobe Keep IT Busy with Critical Security Patches

09-04-2013, 21:50	#24
Capt'n Midnight 00:00 Join Date: Mar 2003 Posts: 40,663 Adverts \| Friends Mod: Biology, Lifehacking, Popular Science, Windows	Reminder - new patches for windows / IE out now.

15-05-2013, 15:10	#25
Capt'n Midnight 00:00 Join Date: Mar 2003 Posts: 40,663 Adverts \| Friends Mod: Biology, Lifehacking, Popular Science, Windows	Just a reminder it's that time of the month again. http://technet.microsoft.com/en-us/s...letin/ms13-may Patches for IE6 through IE10 and Office , usual Remote Code Execution stuff The first patches say there might be less damage if you aren't logged in with admin rights, which is then undermined because the last patch is about attackers gaining elevated privileges anyway.