Looking at the WMF Issue: How Did it Get There?
Stephen Toulouse writes on The Microsoft Security Response Center blog:
Now that the monthly release has passed and people are deploying the updates I wanted to take a moment to discuss some things related to questions we’ve been receiving on the recent WMF issue. (Which was addressed in MS06-001).More here.
One question we’ve gotten is about SetAbortProc, the function that allows printing jobs to be cancelled.
Specifically people are wondering about how the vulnerability was present. Bear with me, I’m going to get rather technical here in the interests of clearly pointing it out. The long story short is that the vulnerability can be triggered with either correct OR incorrect metafile record size values, there seems to have been some confusion on that point.
0 Comments:
Post a Comment
<< Home