WMF Woes? Patch Things Up (Unofficially)!

January 4, 2006


Worried about the WMF vulnerability? Secure Enterprise Magazine's Editor Mike Fratto has found two 'off the record' fixes that will do a good job of holding down the fort until Microsoft comes up with something more official. Mike explains:

While I am not in the habit of recommending unofficial patches, it seems like the WMF vulnerability is pretty nasty, so you probably want to spend some time testing and deploying the work-arounds. Simply blocking files ending in .wmf won't be enough because Windows handles WMF files based on file structure, not extension. Files ending in .jpg and .gif are just as likely to be WMF files as not.

Ilfak Guilfanov has put together a patch that SANS is endorsing as a viable short-term solution until Microsoft comes up with something. F-Secure also has a workaround as well as a wealth of information from their own research and from others like SANS and Ilfak Guilfanov.

I have been using the SANS work-around for days with no ill effects, and I, like others, have successfully tested the workarounds against working exploits as well as Metasploit's version.

Just remember to remove this patch -- if you use it -- prior to installing Microsoft's.
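The point above about extensions can be checked by inspecting file content instead of file names. The following is an added example, not part of the original article and not the SANS or Guilfanov patch: a header check that flags WMF content carried under another extension. The function names and sample bytes are constructed for illustration, and the header constants are taken from the WMF file format.

```python
import struct

# Aldus placeable-metafile key 0x9AC6CDD7, stored little-endian.
PLACEABLE_KEY = b"\xd7\xcd\xc6\x9a"
PLACEABLE_LEN = 22   # placeable header size in bytes
STANDARD_LEN = 18    # standard WMF header size in bytes


def looks_like_wmf(data: bytes) -> bool:
    """True if the bytes begin with a WMF header, regardless of file name."""
    if data.startswith(PLACEABLE_KEY):
        data = data[PLACEABLE_LEN:]      # standard header follows
    if len(data) < STANDARD_LEN:
        return False
    ftype, header_words, version = struct.unpack_from("<HHH", data)
    return (ftype in (1, 2)              # 1 = memory, 2 = disk metafile
            and header_words == 9        # header length in 16-bit words
            and version in (0x0100, 0x0300))


def flag_disguised(files: dict) -> list:
    """Names whose content is WMF but whose extension is not .wmf."""
    return sorted(name for name, data in files.items()
                  if looks_like_wmf(data) and not name.lower().endswith(".wmf"))


# Constructed sample inputs (hypothetical, not real captures).
STD_WMF = (struct.pack("<HHHIHIH", 1, 9, 0x0300, 12, 0, 3, 0)
           + struct.pack("<IH", 3, 0))   # header + end-of-file record
PLACEABLE_WMF = PLACEABLE_KEY + b"\x00" * 18 + STD_WMF
JPEG = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x00" * 16
GIF = b"GIF89a" + b"\x00" * 20
SAMPLES = {
    "photo.jpg": STD_WMF,
    "chart.gif": PLACEABLE_WMF,
    "real.jpg": JPEG,
    "logo.gif": GIF,
    "drawing.wmf": STD_WMF,
}

if __name__ == "__main__":
    for name in flag_disguised(SAMPLES):
        print("WMF content under non-.wmf name:", name)
```

The check is a heuristic on the first header fields only; a gateway filter built on it should treat a match as a reason to quarantine, not as proof the file is malicious.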
