Linked by Thom Holwerda on Sat 31st Dec 2005 16:55 UTC
Windows Microsoft acknowledged late Wednesday the existence of a zero-day exploit for Windows Metafile images, and said it was looking into ways to better protect its customers. Even worse, by the end of the day nearly 50 variants of the exploit had already appeared. One security company said the possibilities were endless on how the flaw could be exploited. 'This vulnerability can be used to install any type of malicious code, not just Trojans and spyware, but also worms, bots or viruses that can cause irreparable damage to computers,' said Luis Corrons of Panda Software.
Permalink for comment 80410
To read all comments associated with this story, please click here.
Yesh it is...
by ZaNkY on Sat 31st Dec 2005 19:02 UTC
ZaNkY
Member since:
2005-10-18

Just as a side point, it is completely possible to do whatever you want to the hardware through software, in the hands of a capable programmer. It would most likely have to be done in assembly, although I'm sure it *could* *possibly* be done in a higher-level language.

You could set your monitor refresh rate to 500Hz, set your CPU clock speed to 10 GHz, you could turn off the fans, set your Hard Drive to spin at 30K RPM, heck, you can probably find some software Interrupt that will cause the power supply to overjuice a computer part... The point is it *could* be done, but I don't think that it would be done through some wmf exploit.


If you're smart/capable enough to kill a computer with software, then your *likely* capable enough to either design your own exploit or not do it at all. Most people that I know that have a UBER high knowledge of computers would never use it for destruction.

Enough said about that, I'm kinda of surprised that this "bug" has just recently been acknowledged by MS. I have yet to read the article (time-constraints, will read later), so forgive me If I'm wrong. Something this deep *could* wreak a lot of havoc in the hands of a capable, malicious, person.

For MS's sake, and all Win users, that patch better come soon....lol

--ZaNkY

Reply Score: 1