[Date Prev][Date Next][Subject Prev][Subject Next][
Date Index][
Subject Index]
RE: Digest form irregularity (hack attack)
- Subject: RE: Digest form irregularity (hack attack)
- From: Patrick Cox pdcox@xxxxxxxx
- Date: Wed, 4 Jan 2006 16:25:45 -0500 (GMT-05:00)
Thanks for the link.
However, the site does say that:
"New versions of Firefox do display an alert when a
suspicious image is encountered on a Web page. But
since viewing an image is usually harmless, most users
will click OK, exposing themselves to infection."
Unless you are given to ignoring such alerts, Firefox
provides at least some protection.
-----Original Message-----
>From: Brian.Henderson@xxxxxxxx
>Sent: Jan 4, 2006 3:49 PM
>To: xywrite@xxxxxxxx
>Subject: RE: Digest form irregularity (hack attack)
>
>The newest exploit that's "all the rage" these days
is just as dangerous using Firefox, since it's not
the browser that's being exploited. It's Windows
dosn't's (appropriately bloated word formation, don't
you think? :) image rendering module.
>
>He's a source I trust for a temporary fix . . . until
Bill gets around to something more "official":
>
>http://WindowsSecrets.com/comp/060104
>
>Excerpt -
>
>The new "WMF Metafile" vulnerability is different:
>
>* It can infect your PC if you merely view an image
formatted as a Windows metafile on a Web page, in
an e-mail attachment, or on your hard disk.
>
>* Every browser is vulnerable - IE, Firefox, Opera,
and others - because the image is not being rendered
by the browser. It's rendered by Windows' own Picture
and Fax Viewer (Shimgvw.dll, also known as the Shell
Image View Control). New versions of Firefox do
display an alert when a suspicious image is
encountered on a Web page. But since viewing an image
is usually harmless, most users will click OK,
exposing themselves to infection.
>
>* If your PC catches an infected metafile - perhaps
through instant messaging or file-sharing software -
the payload can run even if you don't consciously
open or view the image. Google Desktop Search, for
example, causes the payload to be executed when the
metadata of the image is accessed. If the image is
an icon, merely displaying a file directory in
certain views of Windows Explorer can silently
execute a Trojan.
>
>
>-BrianH.
>
>-----Original Message----- From: Patrick Cox
>
>Why are you disillusioned with Firefox?
>
>My understanding is that this new exploit will
not launch automatically in Firefox,
>but if you do choose to download an infected
file through firefox, it will infect
Windows -- which is the problem.
>
>Am I mistaken? If not, the only way to avoid
the problem is to switch to linux or another OS.