English
Log in
Search
The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1

HomeBlogIncidentsJanuary 10 2006More WMF vulnerabilties detected

More WMF vulnerabilties detected

Roel
Kaspersky Lab Expert
Posted January 10, 11:54  GMT
Tags: Microsoft Windows
0
 

Yesterday information about another Windows' WMF handling vulnerability was published.

This time two different functions are exploited, "ExtCreateRegion" and "ExtEscape". This is in contrast to the "SetAbortProc" function which has been exploited very actively by the vulnerability we have recently blogged about.

This doesn't look too good for Microsoft, with a new vulnerability in the same file that a patch was just released for.

However it's not as bad as it seems, as this time it's not possible to execute arbitrary code. The exploitation is limited to Denial of Service.

In other words, the program which is trying to view the malformed WMF file will crash and that's it.


Comments

If you would like to comment on this article you must first
login



Print
Bookmark and Share
Share

Analysis

Malware Evolution: January - March 2007
Vista vs. Viruses
Malware Evolution: July - September 2006
Exploring the x64-treme heights of the Internet
Malware Evolution: July - September 2005

Weblog

LNK zero-day, the fundamentals
Nirvana for cybercriminals?
The figures behind the headache
Lab Matters
April Patch Tuesday Adobe and Microsoft

Alerts

Windows Meta File Vulnerability
Net-Worm.Win32.Mytob, critical Windows vulnerabilities

© 1997-2010 Kaspersky Lab ZAO. All Rights Reserved.
Industry-leading Antivirus Software.
Registered trademarks and service marks are the property of their respective owners.

kaspersky.com

Products

eStore

Threats

Downloads

Support

Partners

About Us

Search

securelist.com

Threats

Analysis

Blog

Descriptions

Glossary

RSS feeds

Contacts

Search