Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISN] Windows zero day nightmare exploited

from [InfoSec News] Network Security [Permanent Link]
Subject: [ISN] Windows zero day nightmare exploited
Date: Wed, 28 Dec 2005 13:19:42 -0600 (CST) 
http://www.theinquirer.net/?article=28590

By INQUIRER staff
28 December 2005

F-SECURE, Bugtraq and a number of other security aware outfits have
warned of a zero day vulnerability that's being actively exploited as
we write.

Fully patched Windows XP SP2 machines are vulnerable and there's no
known fix as yet.

A number of trojans are being distributed using the vulnerability,
related to Windows' image rendering.

Have a look, for example, at the F-Secure site, here [1], for more
information.

F-Secure says you can get blatted if you visit a site with an image
file containing the exploit. IE users may automatically be infected.  
Firefox users can get infected if the image file is downloaded.  
There's more solid advice at F-Secure. We await a patch from
Microsoft. µ

* UPDATE Ken Dunham, director at iDefense, said the zero day WMF
exploitation threat affecting fully patched versions of XP and Windows
2003 Web Server is underway. It has been exploited by multiple sites
and added to the infamous Meetasploit tools. Attacks in the last 12
hours, said Dunham, have been minor. But systems so far attacked have
shown clear signs of infection. He warned further attacks were likely.

There is no solid workaround against emerging WMF exploits. Locking
down WMF files on the gateway and building network detection
signatures may mitigate known threats. The impact of attacks may also
increase.

[1] http://www.f-secure.com/weblog/



_________________________________________
Earn your Master's degree in Information Security ONLINE
www.msia.norwich.edu/csi
Study IA management practices and the latest infosec issues.
Norwich University is an NSA Center of Excellence.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISN] Windows zero day nightmare exploited, InfoSec News <=
Previous by Date:  [ISN] REVIEW: "Always Use Protection", Dan Appleman, InfoSec News
Next by Date:  [ISN] Book Review - Securing IM and P2P Applications for the Enterprise, InfoSec News
Previous by Thread:  [ISN] REVIEW: "Always Use Protection", Dan Appleman, InfoSec News
Next by Thread:  [ISN] Book Review - Securing IM and P2P Applications for the Enterprise, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]