The WMF exploit was an intentional back door?

Posted on January 13, 2006

Ok, this is the darndest thing I’ve heard in a while. At least a week. First I saw it mentioned at Steve Gibson’s site as I was grabbing Security Now #22. Then it bubbled up on Slashdot today too.

Leo and I carefully examine the operation of the recently patched Windows MetaFile vulnerability. I describe exactly how it works in an effort to explain why it doesn’t have the feeling of another Microsoft “coding error”. It has the feeling of something that Microsoft deliberately designed into Windows. Given the nature of what it is, this would make it a remote code execution “backdoor”. We will likely never know if this was the case, but the forensic evidence appears to be quite compelling.

Wow.
I’d write more, but a black helicopter is hovering outside my window.

Ok, I’d write more, but I haven’t listened to the podcast yet, and I’ll be darned if I’m going to read the transcript. :-) But to be fair, I hope that the podcast mentions the forensic evidence.

At least have a look at the Slashdot discussion that follows their post. Some interesting — and some hilarious — stuff down in there.

[12 hours later]

I came across these two articles on Digg this morning, figured I’d add them here.

News.com Security blog talks about the “WMF Backdoor” thing. Microsoft has a tech article about how the SetAbortProc got there in the first place.

[15 hours later]

Steve Gibson responds to the Microsoft article.
