Re: C file recognized as image file

From: Chris Moore
Subject: Re: C file recognized as image file
Date: Tue, 09 Jan 2007 23:58:42 +0100
User-agent: Gnus/5.11 (Gnus v5.11) Emacs/22.0.92 (gnu/linux)

"Juanma Barranquero" <address@hidden> writes:

> Are you proposing also that we reject (or warn about) a .PNG file
> disguised as a .JPG, for example?

About a year ago, it became apparent that MS Windows would execute
arbitrary code when displaying a specially constructed .wmf file.

Microsoft were quite slow issuing a fix for this vulnerability.  A lot
of companies blocked .wmf attachments on their firewalls in an attempt
to protect themselves.

As a result, the attackers simply renamed their dangerous .wmf files
to .jpg.  This continued to work because Windows looks at the file's
contents, sees that it's not really a JPG image but a WMF image, and
displays it using the vulnerable code.

The vulnerability was relatively well known at the time, and people
who knew about it knew not to attempt to view WMF images using
Windows.  What was more of a surprise was that .jpg and .gif files,
when double-clicked, could turn out to be WMF images in disguise.

I don't think we should make the same mistake that Windows makes of
silently ignoring the file extension.  The default should be to warn
the user if the contents disagree with the extension, and people who
don't want this warning should be able to turn it off using the
customize interface.
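The check the message argues for, written out as an added example (this is not code from the original post and not Emacs code): sniff the real format from the file's leading magic bytes, compare it with the format the extension claims, and flag a disagreement so the caller can warn instead of silently trusting the contents. The signature table covers PNG, JPEG, GIF and WMF (placeable and standard headers); the sample inputs are constructed header fragments, not real files.

```python
import os

# Leading-byte signatures for the formats discussed in the thread.
# These are the standard file signatures; the table itself is constructed
# for this example and is deliberately small.
SIGNATURES = {
    "png": [b"\x89PNG\r\n\x1a\n"],
    "jpeg": [b"\xff\xd8\xff"],
    "gif": [b"GIF87a", b"GIF89a"],
    # WMF: placeable (Aldus) header magic 0x9AC6CDD7 little-endian, or a
    # standard metafile header (Type 1 = memory, 2 = disk; HeaderSize = 9 words).
    "wmf": [b"\xd7\xcd\xc6\x9a", b"\x01\x00\x09\x00", b"\x02\x00\x09\x00"],
}

# What each extension claims the contents are.
EXTENSION_FORMATS = {
    ".png": "png",
    ".jpg": "jpeg",
    ".jpeg": "jpeg",
    ".gif": "gif",
    ".wmf": "wmf",
}


def sniff_format(data):
    """Return the format named by the leading bytes, or None if unrecognised."""
    for fmt, magics in SIGNATURES.items():
        if any(data.startswith(m) for m in magics):
            return fmt
    return None


def declared_format(filename):
    """Return the format the file extension claims, or None if unknown."""
    return EXTENSION_FORMATS.get(os.path.splitext(filename)[1].lower())


def check_file(filename, data):
    """Return (verdict, declared, sniffed).

    verdict is "match" when extension and contents agree, "mismatch" when both
    are known but differ (the WMF-renamed-to-.jpg case), and "unknown" when
    either side cannot be determined.
    """
    declared = declared_format(filename)
    sniffed = sniff_format(data)
    if declared is None or sniffed is None:
        return ("unknown", declared, sniffed)
    if declared == sniffed:
        return ("match", declared, sniffed)
    return ("mismatch", declared, sniffed)


def should_warn(filename, data):
    """True when the user should be warned before the file is displayed."""
    return check_file(filename, data)[0] == "mismatch"


# Constructed sample inputs: header fragments only, not complete images.
SAMPLES = {
    "logo.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 16,
    # A placeable WMF header carrying a .jpg name: the disguise described above.
    "photo.jpg": b"\xd7\xcd\xc6\x9a" + b"\x00" * 16,
    "banner.gif": b"GIF89a" + b"\x00" * 16,
    "notes.txt": b"hello",
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        verdict, declared, sniffed = check_file(name, data)
        print(f"{name}: {verdict} (extension says {declared}, contents say {sniffed})")
```

The "unknown" verdict is kept separate from "mismatch" on purpose: a viewer that cannot identify either side has no basis to warn, whereas a file whose extension and contents both identify confidently and disagree is exactly the case the post wants surfaced rather than silently resolved in favour of the contents.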
