Content

WMF Reloaded

Share

Microsoft Windows WMF graphics rendering engine is affected by multiple memory corruption vulnerabilities. These issues affect the ‘ExtCreateRegion’ and ‘ExtEscape’ functions.These problems present themselves when a user views a malicious WMF formatted file containing specially crafted data.
Reports indicate that these issues lead to a denial of service condition, however, it is conjectured that arbitrary code execution is possible as well.

Well, it is quite possible that we could see yet another rash of WMF exploitation. I believe that it is going to take time before we fully understand all of the different attack vectors and how to defend against them. Then of course there is the whole Win 9x/ME problem, which doesn’t seem to be a problem, yet…
SecurityFocus BID
Bugtraq Posting
ISC Posting
.com

Paul Asadoorian

Paul Asadoorian is currently the Principal Security Evangelist for Eclypsium, focused on firmware and supply chain security awareness. Paul’s passion for firmware security extends back many years to the WRT54G hacking days and reverse engineering firmware on IoT devices for fun. Paul and his long-time podcast co-host Larry Pesce co-authored the book “WRTG54G Ultimate Hacking” in 2007, which fueled the firmware hacking fire even more. Paul has worked in technology and information security for over 20 years, holding various security and engineering roles in a lottery company, university, ISP, independent penetration tester, and security product companies such as Tenable. In 2005 Paul founded Security Weekly, a weekly podcast dedicated to hacking and information security. In 2020 Security Weekly was acquired by the Cyberrisk Alliance. Paul is still the host of one of the longest-running security podcasts, Paul’s Security Weekly, he enjoys coding in Python & telling everyone he uses Linux.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.