View Whole Thread
Thread: Windows Users, Critical Security Alert!!!
View Single Post
  #4 (permalink)  
Old 01-08-2006, 12:59 AM
scorpion's Avatar
scorpion scorpion is online now
Administrator
  
Join Date: Aug 2004
Posts: 1,991
Thanks: 125
Thanked 383 Times in 152 Posts
scorpion is a splendid one to beholdscorpion is a splendid one to beholdscorpion is a splendid one to beholdscorpion is a splendid one to beholdscorpion is a splendid one to beholdscorpion is a splendid one to beholdscorpion is a splendid one to beholdscorpion is a splendid one to behold
Send a message via MSN to scorpion Send a message via Yahoo to scorpion
Default
Yes this is huge.

A researcher found the file shimgvw.dll is vulnerable, so he released a security advisor along with 0-day exploit in his blog on Christmas day, knowing Microsoft's security experts are on holidays, no one to fix it asap.

The problem presents itself when a user views a malicious WMF formatted file, triggering the vulnerability when the engine attempts to parse the file. (check out http://www.fxfisherman.com/downloads/anything.wmf)

The issue may be exploited remotely or by a local attacker. Any remote code execution that occurs will be with the privileges of the user viewing a malicious image. An attacker may gain SYSTEM privileges if an administrator views the malicious file.
__________________
Make easy pips with the Advanced Economic Calendar for Forex Trading.
Reply With Quote
Read Full Version of This Topic!

Registered members have access to special online forex currency trading tools, software, mt4 expert advisors and indicators. Register now

Main Menu

Economic Forecast

Embed In Your Website View All Forex Forecasts