Blog View Stats for December A George Gibson Update

An interesting day in IT

January 5th, 2006 at 12:14pm

Looking at some of the news in the IT world at the moment, there is certainly a lot happening.

Starting with the Microsoft WMF (Windows Metafile) bug, which is undoubtedly the worst bug Microsoft have had for quite a while. Basically, a WMF file is a vector image script, which defines lines and shapes, effectively allowing it to be scaled to any size without distortion. Unfortunately when Microsoft designed the WMF specification, they included an error handler so that a faulty WMF image could still do something, however this allows people to write bad WMF files with an error handler containing malicious code. Even worse is that it is virtually undetectable, as a WMF files doesn’t have to have a .wmf extension and can be opened simply by being an image of a webpage, in an email, a document of some description or any number of other ways.

It gets worse, within 24 hours of the exploit being discovered, there were active exploits, dropping all sorts of nasties on Windows based computers everywhere, and Microsoft still don’t have a patch, despite the fact that it is now well over a week since the exploit was found. Thankfully an independent security expert has written a temporary patch, which Microsoft and many security agencies are recommending that you install.

The patch has been verified by the Internet Storm Centre who have hosted the patch at http://handlers.sans.org/tliston/wmffix_hexblog14.exe, the patch has also been verified by many other security agencies and experts. This vulnerability affects most versions of Windows, and is a very severe. It is recommended that you install the patch.

Apart from that, it is common sense security which will also help. The usual don’t open unknown attachments, don’t follow suspect links, and something that a lot of people don’t do but should, turn off the preview pane in your email client, otherwise your emails open simply by being selected, which can happen very easily, and very accidentally.

Other interesting and good IT News includes:
Wisconsin requires voting software to be open source and print a paper confirmation so that anybody who wants to can verify the software does what it should do.

The French military police ditch Internet Explorer and Outlook in favour of Mozilla Firefox and Mozilla Thunderbird, citing standards compliance and the fact that they want everybody to be able to read their public information, not just Microsoft users.

Portable Apps releases a portable USB thumb drive version of Open Office 2.01, so that anyone can access their documents and office apps anywhere.

Massachusetts confirms that they are adopting the Open Document Format (ODF), currently found in Open Office, and ditching Microsoft’s proprietary office format, citing, again, open standards compliance, enabling anyone to read and write the data regardless of operating system or office software (once Microsoft play ball and accept ODF in MS Office, it’s Microsoft’s loss if they don’t!).

An interesting day or so in IT, and not Microsoft’s finest!

Samuel

Entry Filed under: IT News

Print This Post Print This Post

2 Comments

  • 1. John B1_B5  |  January 5th, 2006 at 2:03 pm

    Thunderbird is GO !

  • 2. Samuel  |  January 5th, 2006 at 2:33 pm

    Yes, it’s really taking off!

Calendar

January 2006
S M T W T F S
1234567
891011121314
15161718192021
22232425262728
293031  

Most Recent Posts

Login/Logout

Blix Theme by Sebastian Schmieg and modified for Samuel's Blog by Samuel Gordon-Stewart.
Printing CSS with the help of Martin Pot's guide to Web Page Printability With CSS.
Icons by Kevin Potts.
Powered by WordPress.
Log in