Setting the record straight on the WMF vulnerability

Summary:It's seems normal that the year in technology ends with a critical Windows vulnerability. George Ou is setting the record straight on the critical WMF vulnerability, including the worthless fixes and the real fix, which results in Explorer being unable to display thumbnail images.

It's seems normal that the year in technology ends with a critical Windows vulnerability. George Ou is setting the record straight on the critical WMF vulnerability, including the worthless fixes and the real fix, which results in Explorer being unable to display thumbnail images. Microsoft has been improving on the security front, but it's still a large and inviting target of code, developed in an age in which security wasn't the top priority, for those who want to exploit vulnerabilities. For reference, below is a list of the top 10 Windows vulnerabilities from the SANS/FBI Top 10 list: 

Internet Information Server (IIS)
Microsoft Data Access Components (MDAC) -- Remote Data Services
Microsoft SQL Server
NETBIOS -- Unprotected Windows networking shares
Anonymous Logon -- Null sessions
LAN Manager Authentication -- Weak LM hashing
General Windows Authentication - Accounts with no passwords or weak passwords
Internet Explorer
Remote Registry Access
Windows Scripting Host

Topics: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.