Linked by Thom Holwerda on Sat 31st Dec 2005 16:55 UTC
Windows Microsoft acknowledged late Wednesday the existence of a zero-day exploit for Windows Metafile images, and said it was looking into ways to better protect its customers. Even worse, by the end of the day nearly 50 variants of the exploit had already appeared. One security company said the possibilities were endless on how the flaw could be exploited. 'This vulnerability can be used to install any type of malicious code, not just Trojans and spyware, but also worms, bots or viruses that can cause irreparable damage to computers,' said Luis Corrons of Panda Software.
Thread beginning with comment 80410
To read all comments associated with this story, please click here.
Yesh it is...
by ZaNkY on Sat 31st Dec 2005 19:02 UTC
Member since:

Just as a side point, it is completely possible to do whatever you want to the hardware through software, in the hands of a capable programmer. It would most likely have to be done in assembly, although I'm sure it *could* *possibly* be done in a higher-level language.

You could set your monitor refresh rate to 500Hz, set your CPU clock speed to 10 GHz, you could turn off the fans, set your Hard Drive to spin at 30K RPM, heck, you can probably find some software Interrupt that will cause the power supply to overjuice a computer part... The point is it *could* be done, but I don't think that it would be done through some wmf exploit.

If you're smart/capable enough to kill a computer with software, then your *likely* capable enough to either design your own exploit or not do it at all. Most people that I know that have a UBER high knowledge of computers would never use it for destruction.

Enough said about that, I'm kinda of surprised that this "bug" has just recently been acknowledged by MS. I have yet to read the article (time-constraints, will read later), so forgive me If I'm wrong. Something this deep *could* wreak a lot of havoc in the hands of a capable, malicious, person.

For MS's sake, and all Win users, that patch better come


Reply Score: 1

RE: Yesh it is...
by sappyvcv on Sat 31st Dec 2005 19:23 in reply to "Yesh it is..."
sappyvcv Member since:

I hate to continue with the off-topic stuff, but you're way off base. You can't arbitrarily change all those values like you insist. You can change your bus-speed, clock multiplier and a few other things on CERTAIN processors, but it requires a reboot to go into effect.

Not only that, it likely won't cause irreperable damage. Most modern processors have protection against overheating.

There is very little you can change through software (especially when not in ring0 mode) that isn't protected against on modern hardware.

Reply Parent Score: 1

RE[2]: Yesh it is...
by ZaNkY on Sat 31st Dec 2005 20:29 in reply to "RE: Yesh it is..."
ZaNkY Member since:

Sorry to go off topic again ;)

I totally agree, there are many safeguards against it, but again, someone who knew how to get around them *could* get it done if it were his goal. Even if it required a rebott, chances are the user would never see it comming anyways. I was merely bringing out the possibility. Remember, Hardware is controlled with software.

And as far as I know, it's not that hard to get a program to run in Ring0, if it is done through Assembly. I have the link somewhere.... I'll look it up ;)

But hey, I'm not here to argue. Again, I doubt that such harmful code would find its way into a wmf exploit. More like some dumb skidy "format c:" or some other dumb trivial thing.

good points sappyvcv.


Reply Parent Score: 1

RE[2]: Yesh it is...
by Andrew Youll on Sun 1st Jan 2006 14:58 in reply to "RE: Yesh it is..."
Andrew Youll Member since:
2005-06-29 << watch this video it will prove that Intel CPU's are protected against over heating fbut AMD ones arent... well will provide evidence for... i guess prove was too stong a word.

Reply Parent Score: 5

RE: Yesh it is...
by tbostick78 on Sun 1st Jan 2006 09:35 in reply to "Yesh it is..."
tbostick78 Member since:

Just because software controls hardware, doesn't mean software can do whatever it wants with hardware. It's much more plausible that things with incorrect parameters just fail to work at all.

> You could set your monitor refresh rate to 500Hz
Not likely... you'd be replacing the driver, and firmware probably wouldn't acknowledge an absurd value. However, you CAN damage cheaper monitors with incorrect driver settings, you are correct there.

> set your CPU clock speed to 10 GHz
That would be through the BIOS, and I'd be impressed if you could do that. So would Intel.

> you could turn off the fans, set your Hard Drive to spin at 30K RPM

Again, controlling things like power management and throttling you are not going to do even by advanced arbitrary code execution. You are talking about replacing driver code and still having the OS function. And hard drives would not spin at 30K even with your own code and extra power. The drivers/firmware wouldn't even know what to do with those values.

Reply Parent Score: 1