Tuesday, January 03, 2006

WMF 'Construction Kit' In The Wild

Well, I'd venture to say that (a) since Microsoft isn't releasing a patch for this vulnerability until January 10th, and (b) there is a good "temporary" fix already available, you might want to consider temporarily "fixing" this hole until it can be patched permanently.

Jarkko writes over on the F-Secure "News from the Lab" Blog:

We just received a sample of easy-to-use WMF construction kit. The WMF file it generates is based on "first generation" metasploit exploit which itself was based on the very first WMF exploit found in the wild last week. The program itself is not that interesting, it is a console-mode Windows application that just generates a file named "evil.wmf" with whatever payload given from command line. The application is user-friendly but the user still needs to know how to write assembly payloads (or where to download one). That, in addition to fact that at least some WMF files it generates are buggy, makes this construction kit a minor threat.

0 Comments:

Post a Comment

<< Home