Microsoft Windows’ Zero-Day WMF flaw threats widespread; Macintosh unaffected

“As bleaker details emerged Thursday about the threat posed by a zero-day vulnerability in Windows, Microsoft said it would produce a patch for the flaw but declined to put the fix on a timetable,” Gregg Keizer reports for TechWeb News. “In a security advisory posted on its Web site, Microsoft confirmed the vulnerability and the associated release of exploit code that could compromise PCs, and listed the operating systems at risk. Windows 2000 SP4, Windows XP [Service Pack 1 and Service Pack 2 as well as Windows Server 2003 with Service Pack 0 and Service Pack 1 – source: Secunia, see below], Windows Server 2000, Windows 98, and Windows Millennium can be attacked using the newly-discovered vulnerability in WMF (Windows Metafile) image file parsing, said Microsoft.” It can be exploited when an Internet Explorer or Firefox user visits a Web site that has malicious code on it, or when a user previews .wmf format files with Windows Explorer.

“And other details began emerging Thursday that indicated the threat may be worse than originally believed,” Keizer reports. “‘It’s really easy to get this thing,’ said Shane Coursen, a senior technical analyst with Moscow-based Kaspersky Labs. ‘The exploit will even work through a DOS box.’ … At the moment, say the experts, exploits are “only” installing spyware and/or fake anti-spyware software. That’s bad enough, said two security firms, including one that specializes in combating spyware. ‘Now we’re seeing many more using this to install bad stuff,’ said Alex Eckelberry, president of anti-spyware developer Sunbelt Software. ‘This is a really bad exploit. Be careful out there.'”

Full article here.

Secunia Advisory: Microsoft Windows WMF “SETABORTPROC” Arbitrary Code Execution
• Extremely critical
• Description: A vulnerability has been discovered in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to an error in the handling of Windows Metafile files (“.wmf”) containing specially crafted SETABORTPROC “Escape” records. Such records allow an arbitrary user-defined function to be executed when the rendering of a WMF file fails. This can be exploited to execute arbitrary code by tricking a user into opening a malicious “.wmf” file in “Windows Picture and Fax Viewer” or previewing a malicious “.wmf” file in explorer (i.e. opening a folder containing a malicious image file).

The vulnerability can also be exploited automatically when a user visits a malicious web site using Microsoft Internet Explorer.

NOTE: Exploit code is publicly available. This is being exploited in the wild. The vulnerability can also be triggered from explorer if the malicious file has been saved to a folder and renamed to other image file extensions like “.jpg”, “.gif”, “.tif”, and “.png” etc.

The vulnerability has been confirmed on a fully patched system running Microsoft Windows XP SP2. Microsoft Windows XP SP1 and Microsoft Windows Server 2003 SP0 / SP1 are reportedly also affected. Other platforms may also be affected.

Secunia Advisory here.

“Microsoft really has improved the security of its code over the last few years. The fact that every now and then a bug like the new WMF bug still comes along just goes to show how careless the old code is,” Larry Seltzer reports for eWeek. “The problem with the WMF (Windows Metafile) file format turns out to be one of those careless things Microsoft did years ago with little or no consideration for the security consequences. Almost all exploits you read about are buffer overflows of some kind, but not this one. WMF files are allowed to register a callback function, meaning that they are allowed to execute code, and this is what is being exploited in the WMF bug… I’m hesitant at this point to go into details until there is a patch, but my own research confirms that the potential for spreading this attack far and wide is immense and that easier vectors than Web pages exist.”

“Adware sites appear to be going hog-wild with this attack. According to Sunbelt Software, over a thousand sites are spreading more than 50 variants of it, thanks to an underground adware infection network that acts something like the DoubleClick of adware,” Seltzer reports. “Rather than try to keep the format useful for its customers, Microsoft ought to think of saving the rest of the world; WMF has become poisoned and it’s time for customers to move on.”

Full article here.
Windows-only users, are you enjoying your experience, yet? Have you finally had enough? There is a better way. A far, far, far better way: Macintosh. Because life’s too short.


41 Comments

  1. “as well as Windows Server 2003 with Service Pack 0 and Service Pack 1”
    i don’t see that in the article? not that i mind

  2. “I hope Windows users forget all this when Mac OS X gains share and we start seeing viruses show up for it.”

    Don’t hold your breath waiting for it to happen pal. It’s already been over 5 years and yet there are still ZERO viruses for Mac OS X out there. Market share has nothing to do with it.

  3. Sorry guys,

    While in my Windows-induced stupo..I mean… trance, I somehow forgot, that Unix-based systems akin to Mac OS X abound in mission-critical systems the world over and is too permissions-bound for .exe automatic executables to ever get anywhere.

    Thus, ignore what I just said in my previous post.

    Create as many Unix viruses as you want, but they will just sit on your computer forever– ad infinitum, ad nauseam.

    Mac OS X virus = All dressed up, with nowhere to go.

    MDN MW = aid
    as in
    OS X does not aid virus self-replication the way Windows does.

  4. I just fookin’ love this, I’m gonna curl up and lick myself to sleep. Twenty years of loathing msdos and this little machead is getting a little payback. Come on 2006, I have a warm feeling.

  5. Fellow Mac users. Do you ever feel that Winduz users are like horses with their barn on fire?
    We Mac people keep trying to lead them out to safety, towards a nice new barn that is NOT on fire (and likely fire PROOF) but they keep turning around and blindly running back into the flaming barn because it’s been the only “home” they know.

  6. <“What’s that? Another piece of duct tape fell off the Wall of Windows?!?! Quick put another piece there b4 it falls apart!” Yells the MS drill sergeant.
    “YES SIR!” screams the lackey.
    SQUASH goes the lackey when it falls on him.>

    Anything else need to be said? Oh ya.

    Macintosh, because life is too short.

    MDN I cracked up when I read that at the end of the article, let’s make it a reality yet!

  7. My computer at work has been attacked twice today! I had to restore it once and was able to fend off the other attack! I even had McAfee virus crap loaded on there.

    Windoze sucks now more than ever.

    And then I come home to my Mac…… Ahhhhhhh!

  8. February 2006 will be four years since we purchased our first Mac OSx machine.

    That is four years with no viruses, no data loss, no downtime, no blue-screen-of death and not even a single hang or reboot.

    I haven’t been so happy computing since I bought my first KayPro IV (cp/m based) in 1983.

    The Mac just works. Stable, secure.

    Thank you Apple & Steve Jobs.

    Lost Budgie Blog

  9. hey i just read this article about the N.S.A. using “cookies” to track peoples computers surfing the “internets” does this affect Macs too? i want to know

    Yes, it affects Macs. MacDailyNews uses cookies. (I think they are part of MDN’s trying to send any user only one pop-under ad a day.) Almost every commercial website uses them. For instance, that’s how Amazon.com, etc. know it’s you when you visit their site days later.

    Unless you are ultra-paranoid, don’t worry about it. (Have you been surfing sites you don’t want others who have access to your computer to find out about – e.g. PORN?)

    If you do worry about it, delete your cookies with some frequency. In Safari, it’s under Safari>Preferences, the Security tab. You can view what cookies you have and then delete some or all of them. You can also totally disable receiving cookies but be forewarned that some sites will not work with cookies disabled. Some will give you a warning and ask you to turn them on. Others will simply not work right.

    Some other browsers (Opera?) can be set to delete all cookies upon exit (or was that start up). While I have used Firefox & Camino some, I haven’t looked into all their cookie handling options. I don’t do IE.

    Does anyone have any comments about other browsers?

    Technical explanation: The Web is “stateless”. It does not remember the last page you were at. Thus cookies are often used to preserve individualized information as you go from page to page within a site. Cookies are supposedly only accessible to the web site that created them – MDN can’t look at your Apple.com cookies and vice versa. Though I am not sure what the latest info on that is.

    Can anyone comment.

    Where the NSA got in trouble is their website was found to be using cookies. Under US law, it is illegal for the NSA to collect ***ANY*** information about US citizens. Under the law, cookies qualify as data collection. From other articles I saw today, the NSA did not have cookies on their original website, but software was changed, someone got sloppy or lazy, etc., etc., and they wound up with cookies on their website. They are now supposedly removed, after they were brought to the NSA management’s (and US lawmakers & other regulatory & watch dog groups) attention.

    Does that answer your question?

  10. That’s it, I’m switching to Windows. With the hundreds of patches so far, it HAS to be the most secure OS out there! This “zero-day” attack has to be the last!

    Billy, I’m bending over, c’mon in!

  11. Man I LOVE reading about all these Windows problems! Gives me a warm fuzzy feeling inside knowing I dumped that POS OS 5 years ago!

    Got to love it! Keep up the great work Microsoft!

  12. Joe the Farmer said: “… when Mac OS X gains share and we start seeing viruses show up for it.”

    Knuckle head, this false logic, “security by obscurity®” doesn’t hold water. How many millions more of OS X installations will qualify it as not obscure?

    Since Windows Pasta (a.k.a Stillborn) will be quite “popular” does that mean it will be as insecure as its predecessors?

    Gee, I wonder if it’s the underlying code of an OS that makes it secure or insecure?

    Fool.


  13. Lost Budgie,

    You can’t have been more happy with that luggable Kaypro than you are with Mac OS X!!! I used one of those for awhile and absolutely hated it. Sure it was great back then, but you can’t even compare it today. Did you have to use that horrible word processor, WordStar on that thing? Yuck!

  14. And now for another broken record apology by the MS Press fanboys

    “Microsoft really has improved the security of its code over the last few years. The fact that every now and then a bug like the new WMF bug still comes along just goes to show how careless the old code is,” Larry Seltzer reports for eWeek. “The problem with the WMF (Windows Metafile) file format turns out to be one of those careless things Microsoft did years ago with little or no consideration for the security consequences.

    ba.. dump.. dump… chhhhh

    Larry, Rob, and those of your ilk, your story is getting old. There is NO EXCUSE for missing something like this. Stop making excuses for these losers and move into the 21st century.

  15. I guess you guys missed all those proven vulnerabilities that were found in OS X. Too busy drinking your kool-aid?

    Look, I’m a mac user. I use macs. I love macs. But I’m not an idiot, and I don’t feel the need to delude myself into thinking my machine is invulnerable. I’ll grant that OS X has some things going for it. But to think that it is invincible is idiotic. It has been proven in the past that Apple can be hacked (think Fairplay, OSx86). There have been proof of concept viruses. Apple still releases frequent security updates.

    OS X is not totally secure. If enough hackers get interested, there will be exploits. No piece of software is flawless. This is a simple fact.

    As much as you and I might want Apple to succeed, there WILL be mac viruses. And I think you guys are really setting yourselves up to eat some serious crow when they start showing up.

  16. It still amazes me that a company of MS’ size with the amount of money at their disposal, the resources that they could afford can’t get their shit together. I wonder what Apple could do with what MS has….
