Jump to content

WMF vulnerability

fdv

By fdv
in HFSLIP

 Share

Recommended Posts

fdv

fdv

Posted
  • Author
Posted (edited)

That is pretty funny, the SANS thing.

cluberti, you are to be commended publicly on your courage, coming out with this info. We don't hold you personally responsible of course, but you must realize that most of what we do on this board is kinda doing what MS should have done, as saug notes... :whistle: The thing is, Microsoft is only gonna throw you under the wheels of the bus. I don't think they care... at all. Oh sure, they'll issue a fix... but in their timeframe.

For example, there is a published fix for the Win2k HALT bug, and I'm willing to bet my Tylyn John autographed photo that we won't see a fix for it until you actually say something to the powers that be. When we vent on MS, it's out of frustration at the fact that what we want is simply ignored.

MSFN is also filled with testers too, of course. WE could test, and probably every language too... I'll give you an example of how willing we are to test whatever...

When they introduced Crystal Pepsi, we all weighed in with our opinions.

Remember that, guys? Sure, you do. It was New Year's 1993 and the doorbell rang... Oleg_II was dancing around with a lampshade on his head, I was playing Duelling Banjos with TommyP, and strippers cavorted completely hammered and throwing various meats and cheeses around the suite and we find out that PepsiCo had sent reps to the MGM Mirage in Vegas where we were staying. They came up to the suite -- it took some time to let them in, we didn't hear them at first with the Motley Crue blaring and besides, Saugatak had brought a monkey with him for kicks, and the monkey had gotten ahold of the rented midget's .45 (yeah, TommyP and I rent a midget for every New Year's party, so what?) and although the pistol wasn't loaded, we didn't know that at first... Everything went nuts when Tomcat76 screamed "Chimp with a GUN!!" but he managed to disarm him by distracting him with an inflatable Steve Jobs doll.

Yep. Remember it like it was yesterday.

I need to go to bed.

Edited by fdv
Link to comment
Share on other sites

fdv

fdv

Posted
  • Author
Posted

Just a general, last note... Sober will begin to hit on the 5th of January (tomorrow).

If you use my fileset, you don't have to worry about SHIMGVW.DLL, but an infected WMF file could still attempt to make use of the Escape() function in GDI32.DLL (so at this point it is unclear if I can brag that my fileset protects against this completely).

If you're an admin, apply the unofficial patch or go to work early and tell your users that of all the days to open spam "just to see what it says," the 5th is a really bad day to do it.

Link to comment
Share on other sites
WWWebb

WWWebb

Posted
Posted
For those of you bashing Microsoft about the latest vulnerability (and yes, we do deserve some of the licks, but not all):

And I hope you took my rather droll comment back and used it as ammunition supporting the early release of the hotfix.

Regards,

WWWEbb

Link to comment
Share on other sites
WWWebb

WWWebb

Posted
Posted
CoolWeb

I'm sure Gates got one look at your avatar and said, Get that patch out now! :blink:

Are you talkin' to me?

FYI, the picture of my avatar is our 110 pound yellow Lab named "Memaw's Scratch Biscuit".

It was taken during the fifteen second interval during which he was dressed up as Elvis for Halloween.

No photoshop- it's a $5 latex headpiece with black mesh over the eyeglass holes.

I found it at CVS and the color just jumped out and told me who was s'posed to wear it.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...