Results 1 to 15 of 74

Thread: New Windows Exploit found, please read this and take appropriate precautions.

Threaded View

  1. 4th-January-2006, 18:40 #1
    Cosmic's Avatar
    Cosmic
    Cosmic is offline Cookie Thief
    Join Date
    Jul 2001
    Posts
    8,276
    Thanks
    6
    Thanked 96 Times in 22 Posts
    EP Points
    205

    Default New Windows Exploit found, please read this and take appropriate precautions.

    Quote Originally Posted by http:/www.securityfocus.com
    Windows 0-day exploit found on Web
    Published: 2005-12-28

    A previously unknown vulnerability in the Microsoft Windows graphics rendering engine is being exploited by several malicious Web sites to infect visitors' systems, security experts said on Wednesday.

    The vulnerability can be triggered remotely and gives the attacker full system privileges, according to technical descriptions of the issue. However, in a security bulletin released late Wednesday, Microsoft maintained that only local user privileges could be gained through the vulnerability. In the last 24 hours, three different Windows Meta Files (WMFs) have been detected trying to use the vulnerability to spread, according to antivirus firm F-Secure.

    "Do note that it's really easy to get burned by this exploit if you're analyzing it under Windows," Mikko Hypp�nen, chief research officer for F-Secure said in a blog posting. "All you need to do is to access an infected web site with IE (Internet Explorer) or view a folder with infected files with the Windows Explorer."

    Increasingly, security and software companies are worried about vulnerabilities that are exploited without any previous warning. Called zero-day exploits, the attacks can compromise systems before software makers issue patches to fix a security issue. Last month, a security researcher attempted to sell a previously unknown vulnerability in Microsoft Excel on eBay. Several companies have marketed defenses against zero-day exploits and Microsoft has created a network of automated Windows systems, known as honeymonkeys, that browse the Web to find malicious code targeted at Internet Explorer.

    Google Desktop users have to be particularly careful as the search giant's software indexes any downloaded image file, an action that will cause the exploit to immediately execute, according to security researchers. A Microsoft spokesperson said the company is currently investigating the reports.
    This primarily affects any website where users can submit their own images... yes, even these forums. Myspace, Wikipedia and eBay are also vulnerable. ALL Windows users stand a chance of being infected and at this time the best course of action is to use FireFox since it prompts you before the file downloads and executes itself. Microsoft claim that a fix will be released on the 10th of January, so in the meantime be vigilant. All it takes is a dodgy 1x1 pixel image on a webpage or email and you're infected. If you have the file in your cache, DO NOT try to delete it. Even highlighting the filename in Windows Explorer can be fatal. I just wanted to give everyone here a heads up since it really is a nasty piece of work and any Windows user stands a chance of being infected.

    EDIT: More information here, and there's also an unofficial patch available. It's been verified by multiple websites, but as always use at your own risk.

    EDIT 2: ...And here's what Microsoft have to say about the situation.
    Last edited by Cosmic; 4th-January-2006 at 19:04.
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules

About Us

We are the oldest retro gaming forum on the internet. The goal of our community is the complete preservation of all retro video games. Started in 2001 as EmuParadise Forums, our community has grown over the past 18 years into one of the biggest gaming platforms on the internet.

Links
Social