mailing list archives
REWMF Risk Analysis for Win9X anyone ?
From: "Peter Ferrie" <pferrie () symantec com>
Date: Fri, 6 Jan 2006 08:49:22 -0800
Did anyone conduct a compreensive risk analysis of the WMF vulnerability
for Win9X/ME systems ? ISC analysis is very ambiguous, and MS position
on the issue is more on the lines of "we don't want to be bothered".
What ARE the real risks (or lack of them) for Win9X/ME systems ?
The same as for Windows NT and 2000 - files without the placeable header will not display automatically in applications
such as Internet Explorer, and files with the placeable header are not allowed to call the vulnerable function.
However, applications other than Internet Explorer, which do recognise files without the placeable header, can call
directly into the GDI!PlayMetaFile() function, which will eventually call into the vulnerable function.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/