Friday, January 20, 2006

WMF backdoor ... or not :))

After the initial storm on the major WMF vulnerability (and the not so great way in which it was addressed by Microsoft) there was a second wave when Steve Gibson (a rather very knowledgeable old-time computer guru) at some point raised the possibility that the entire WMF vulnerability was in fact an intentional backdoor !

That would have been really interesting things so the media picked it very fast - and I have to admit that I have myself taken a quick look in the part of the Windows source code that was leaked a few years ago on the net - somehow intriguing the part of the code where the WMF bug was located was NOT part of the leaked code so things remained a little in limbo ...

But now an even more impressive guy and one of my favorites even LONG before he revealed the Sony rootkit - Mark Russinovich - has posted a more detailed description of his findings that seem to suggest that a poor initial design choice followed by the lack of review at the moment of 32 bit porting is far more likely than an intentional backdoor in the WMF case ... which is not to say that a backdoor might not be somewhere inside there anyway :))

0 Comments:

Post a Comment

Links to this post:

Create a Link

<< Home