Windows WMF code exploit
Posted on Sat 14 January 2006 in Uncategorized.
Dabbbbaaa >insert gibbering here<
What, the, Holy, Fsck?
Have a read and listen here.
The upshot of this (if you don’t want to click the link) is that the recent WMF vulnerability seems to have been INTENTIONALLY included by Microsoft
If it was due to sloppy coding, it would happen using constructed WMF’s like every other exploit using specially crafted files.
It seems to use this exploit, in the WMF, you need to have a special header code; this means you need to know it exists to exploit it.
You can’t accidentally stumble across it.
You can’t do something weird and wonderful to find it, it was built in.
The ONLY people who could do this are at Microsoft.
Now, this is all hypothetical. This is taking the available evidence and extrapolating it. It could all be wrong and a misunderstanding.
But it might not. Microsoft might have built a back door into every version of Windows since Windows 2000. That is a HUGE proportion of the computers currently running.
What to do? I dunno. I’m waiting for more proof (or lack of rebuttal by Microsoft) of this.
If it is true however, Windows on this laptop is at the very least never talking to the Net again; I really really really want to wipe it’s sorry ass off my laptop.
But I’m getting back to my anti-M$ again. From this, shouldn’t you be as well?