2006/01/04 18:52:49

Images and Exploits

I don't know how many people have noticed this because of the WMF stuff, but there are also vulnerabilities for DoS and code execution on BES (BlackBerry Enterprise Server) when attempting to handle TIFF and PNG images for the BlackBerrys connected to it. Basically, special image files get emailed to a BlackBerry and there are issues.

Back on the WMF thing, it looks like email isn't a direct attack vector - one has to click a link in an email. Most people will click links in email without thinking, but at least it's something. That link also mentions no problems with the patch, which is false. There are IE issues and printing issues. The latter is sorta scary, since the vulnerability is linked to printing, so it appears poorly designed/outdated drivers could be broken by a real patch too.

My favorite workaround so far is probably unregistering the DLL as Microsoft suggests, but also changing ACLs to prevent shimgvw.dll from reloading.

In other news, a good summary is available from SANS ISC, which mentions that DEP available in XP SP2 could help with the right system. "However, to work well, it requires hardware support. Some CPUs, like AMD's 64 Bit CPUs, will provide full DEP protection and will prevent the exploit."

Also, there's an interesting writeup on the whole issue with image file vulnerabilities (which have been found in pretty much every OS in the last year or two, although not as a designed-in feature like WMF).

#
By Hannah on 2006/01/04 at 20:34:16

What's with the Bethel email I got saying that because of this, we shouldn't visit non-school related websites? Has Bethel gone mad?

#
By Jeremy on 2006/01/04 at 20:43:22

I wasn't involved with writing it, but it's probably based off a pretty standard Microsoft line of "Users should take care not to visit unfamiliar or untrusted Web sites that could potentially host the malicious code." I can't imagine following it to the letter was expected, probably mostly a CYA thing. Especially since stuff like that usually tends to show up on porn, warez, or the type of links that people send all their friends.