[CS-FSLUG] Another Major MS Windows Security Flaw
Ed Hurst
ehurst at asisaid.com
Sun Jan 1 17:35:23 CST 2006
dmc wrote:
> Yet another reason that serious apps need to be moved off
> MS Windows to a more mature and secure OS platform.
>
> It is frightening to know that many national security,
> health, and other systems still exist under the "toy"
> OS that is MS Windows.
>
> doc
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> 'Extremely Critical Flaw' in Windows Discovered, Already Exploited
> Friday, December 30, 2005
> By Lisa Vaas
Worse, some say the registry tweak doesn't work. There's a good chance
anti-virus won't even be able to block this. The way AV works, they
would have to create a signature for each and every WMF file. Blocking
the function in the rendering DLL isn't possible.
But wait -- it gets worse still. Just visiting a website with one of
these, where some of these WMFs have been renamed to a JPEG for example,
creates a huge door for installing all sorts of malware instantly. No
clicking required.
So far, only those with hardware-based DEP (Data Execution Prevention),
available with the latest CPUs, AFAIK.
--
Ed Hurst
----------
Bible Application - http://ed.asisaid.com/bible/index.html
Plain & Simple Computer Help - http://ed.asisaid.com/
Mission, Method & Means - http://ed.asisaid.com/blog/
More information about the Christiansource
mailing list