WMF Indexing, White Elephants and White RabbitsThe WMF White Elephant in the room as far as I'm concerned is Indexing. YMMV. How many Vendors have other Indexing services installed that are going to automagically enable WMF exploitation on or across your network?
F-Secure pointed out the White Elephant when they recommended you "disable indexing of media files (or get rid of Google Desktop) if you're handling infected files under Windows" and said "This is enough to invoke the exploit and infect the machine. This all happens in realtime as Google Desktop contains a file system filter and will index new files in realtime.". And I agree, turn all Indexing off until a fix is out.
Microsoft, Google and other vendors should immediately address what the role is of their indexing services, particularly as it relates to shares, synchronization and potential mitigation activities. Their lack of comment on this issue is glaring.
MS Indexing (White Rabbit Link)
F-Secure's blog today has a new vulnerability workaround (unrelated to indexing).
Dec 31st 2005
1 decade ago