, 2006-01-23
Claims that the WMF vulnerability was an intentional backdoor into Windows systems makes for an interesting conspiracy theory, but doesn't fit with the facts.
Expand all |
Post comment
Debunking the WMF backdoor
2006-01-24
ScuzzMonkey (2 replies)
ScuzzMonkey (2 replies)
Mr. Greene, I wouldn't be surprised if you get sued for this.
2006-01-25
Roger (2 replies)
Roger (2 replies)
>>
Even still, the question remains as to why WMF files implement the SetAbortProc GDI function at all. My belief is that Microsoft developers decided to implement as much as the GDI function-set as possible. Including SetAbortProc makes sense for the same reason that abort procedures for printing make sense: WMF files can consist of many records containing complex GDI commands that can take along time to execute, especially when sent to a printer and on old hardware like the kind on which the cooperatively multitasked Windows 3.1 operating system ran. The abort procedure gives applications the ability to monitor the progress of a playback and to unilaterally abort it if a user makes UI choices that make a complete playback unnecessary. In addition, if a WMF file is sent to a printer and there?s a printer error Windows must have a way to know that an application wants to cancel WMF playback, which is another reason to invoke the abort procedure from within the PlayMetaFile loop. This Microsoft article from 1992 confirms the behavior as designed.
Does this mean that Mark believes it was 'intentional' or not. Not intentional in the same way as Steve thinks it was, perhaps..
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/columns/382/33024#33024