RE: New article on SecurityFocus (.WMF Vuln)

As of about 11:30pm EST last night, the machines on my home network all
received a patch from MS to resolve this issue. I think that's the first
time I've ever heard of them being *ahead* of their own schedule. (Win Vista
release, anyone?)

-----Original Message-----
From: Phillips Williams [mailto:Phillips.Williams@xxxxxxxx]
Sent: Thursday, January 05, 2006 10:44 AM
To: Erin Carroll; pen-test@xxxxxxxxxxxxxxxxx
Subject: RE: New article on SecurityFocus

ISS has released an XPU 2425, that they recommend to apply to your
servers.
MS will respond to the threat with a patch on January the 10th.
There is a released fix "not officially approved" for this issue.
Symantec is working to send a .DAT by the time MS approved and test its
patch.
I've test some tagging fixes but nothing that a rename payload of the
WMF file can bypass, still trying to isolate the GDI32.dll so that way
the vector doesn't exploit vulnerabilities...
Anybody else did some more testing on this?

Thanks.

Bill -


-----Original Message-----
From: Erin Carroll [mailto:amoeba@xxxxxxxxxxxxxx]
Sent: Wednesday, January 04, 2006 8:50 PM
To: pen-test@xxxxxxxxxxxxxxxxx
Subject: New article on SecurityFocus

A new article on SecurityFocus regarding the recent WMF exploit. I've
personally played with the metasploit package for this but haven't had
time
to check out the updated signatures for various vendors (F-Secure, ISS,
Trend, etc). Out of curiousity has anyone done any testing against the
new
signatures to determine if they are code specific or if tricks like
tagging
%0%0 in the payload bypasses them?


Zero-day holiday
by Kelly Martin
2006-01-04

A few hundred million Windows XP machines lay vulnerable on the Web
today, a
week after a zero-day exploit was discovered. Meanwhile, new approaches
and
ideas from the academic world - that focus exclusively on children - may
give us hope for the future after all.

http://www.securityfocus.com/columnists/377

--
Erin Carroll
"Do Not Taunt Happy-Fun Ball"

--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.371 / Virus Database: 267.14.12/220 - Release Date:
1/3/2006



------------------------------------------------------------------------
------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on
your
website. Up to 75% of cyber attacks are launched on shopping carts,
forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers
are
futile against web application hacking. Check your website for
vulnerabilities
to SQL injection, Cross site scripting and other web attacks before
hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
------------------------------------------------------------------------
-------

----------------------------------------------------------------------------
--
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are

futile against web application hacking. Check your website for
vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers
do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
----------------------------------------------------------------------------
---




------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Relevant Pages

  • Re: Qualys
    ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping carts, ...
    (Pen-Test)
  • RE: Pre-Scanning for Marketing
    ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Hackers are concentrating their efforts on attacking applications on your ... Up to 75% of cyber attacks are launched on shopping carts, forms, ...
    (Pen-Test)
  • Re: Qualys
    ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping carts, ...
    (Pen-Test)
  • Re: Penetration test of 1 IP address
    ... > Audit your website security with Acunetix Web Vulnerability Scanner: ... > Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping ...
    (Pen-Test)
  • Re: Qualys
    ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Hackers are concentrating their efforts on attacking applications on your ... Up to 75% of cyber attacks are launched on shopping carts, ...
    (Pen-Test)