Threat Level: green Handler on Duty: Manuel Pelaez

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

.MSI installer file for WMF flaw available

Published: 2006-01-04
Last Updated: 2006-01-04 04:19:23 UTC
by Tom Liston (Version: 2)
0 comment(s)
For all of you corporate folk out there, we now have a .msi installer file available for version 1.4 of Ilfak Guilfanov's unofficial patch for the Windows .WMF flaw.  A very big "thank you" goes out to Evan Anderson of Wellbury Information Services, L.L.C. for his diligent efforts to get this put together.  Note:  Like Mr. Guilfanov's original patch, this will dump out not only Guilfanov's source code, but also the code that Evan wrote to do the install from within the .msi.  Note also:  We have reverse engineered and verified that the installation/uninstallation code in the .msi does what it says it does and nothing more.  The wmfhotfix.dll installed is the binary equivalent of the previously vetted version 1.4.

WMFHotfix-1.4.msi has an MD5 of 0dd56dac6b932ee7abf2d65ec34c5bec
A pgp signature using the SANS ISC key is available as well.

We renamed the file from WMFHotfix-1.1.14.msi to WMFHotfix-1.4 to be more consistent with the version number (1.4)
To uninstall, use the "Add / Remove Program" button in your control panel.
Keywords:
0 comment(s)
Diary Archives