North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: WMF patch
At 12:54 PM 1/5/2006, you wrote:
Thanks Thomas, something really useful. One thing I am still curious about, I read that there were other image formats can be used in an exploit, GIF, .BMP, .JPG, .TIF can also be used, according to F-Secure. I find this a little confusing, if that dll only deals with WMF file type then the exploit must not be directly connected with that dll Or does that dll handle all of those as well?I believe Windows uses the file header/descriptor data as well as or instead of the extension to know how to handle images. Otherwise, simply renaming/blocking all WMF files would result in an effective mitigation method.
Tellurian Networks - The Ultimate Internet Connection
http://www.tellurian.com | 888-TELLURIAN | 973-300-9211
"Well done is better than well said." - Benjamin Franklin