Problems with Lotus Notes and the WMF exploit

I’m certainly not the first to break this, but it is of interest.  From NIST.org, Lotus Notes is not immune from the WMF exploit.  Link here via Suzi. Alex Eckelberry


RFID maker VeriChip files for an IPO

You can see the prospectus here.  Article on TechWeb via techdirt.   Alex Eckelberry


The DEP controversy

I admit I’m getting rather tired of talking about this WMF exploit and hope to stop writing about it soon.  But because we were the first security company to break the story, a lot of people have been coming to this blog and we feel we have a responsibility to keep people updated. Last night I blogged […]


A note on DEP and the WMF exploit

Update: This is NOT a guaranteed fix.  See latest. Based on preliminary research, we’re finding that systems with software-enforced DEP will get the WMF exploit, but systems with hardware-enforced DEP will not.   However, your results may vary, so don’t take this as gospel. For those of you unfamiliar with DEP, Microsoft explains it well: Data Execution […]


Exfol/WebExt using WMF exploit on rotational popups

Errata: In the original blog, credit was accidentally given to the incorrect person for providing us with the info that Exfol was using this exploit. Correct credit goes to Dan Hubbard/WebSense. And thanks, Gadi Evron. Exfol/WebExt is a piece of adware that is often offered through popup ads at various sites. This means they buy advertising […]


It’s a tough life in Florida

A break from WMF exploits and the like: Our creative director, Robert LaFollette, took his holiday vacation in the Florida Keys (Sunbelt is in the Tampa area, so the Keys are south of us, about an 8 hour drive). Of course, he took lots of pictures and you can see them here. And you can read […]


Protect yourself from the WMF exploit using the Sunbelt Kerio Firewall

Our friends over at Bleeding-Edge Snort http://www.bleedingsnort.com/ have posted a snort rule to block all infected Windows Metafiles (WMF). We have tested this with our Kerio Firewall product and it does indeed work and block all of this nasty stuff. The following Bleeding-Edge Snort rules, when implemented into Sunbelt Kerio Personal Firewall, have been successful […]


Preliminary settlement for Sony suit

Girard Gibbs and Kamber and Associates sued Sony BMG, First 4 Internet and SunnComm International last month in regard to the Sony rootkit mess. We have obtained a copy of a preliminary settlement that was filed today seeking judicial approval for a settlement in the Sony case. The proposed settlement is as follows: Under […]


Microsoft post: "Possible Windows Vulnerability"

Latest post from Microsoft on the WMF exploit that’s capturing everyone’s attention: New Security Advisory for Possible Windows Vulnerability Hi everyone, Stephen Toulouse here. Just wanted to make everyone is aware that this evening the MSRC posted a security advisory regarding a possible vulnerability affecting the Graphics Rendering Engine in Windows.  The MSRC has made […]


Workarounds for the WMF exploit

UPDATE:  Houston, we have an unofficial hotfix!   Install Ilfak Guilfanov’s patch.  Link here.  You will need to remember to uninstall it after Microsoft releases its patch.  Frequently Asked Questions here. Caveat — this is an unofficial, unsupported fix. However, it has been broadly tested by many in the Internet community and we recommend it […]
