Windows MetaFile Backdoor Intentional, says Steve Gibson


Leo and I carefully examine the operation of the recently patched Windows MetaFile vulnerability. I describe exactly how it works in an effort to explain why it doesn't have the feeling of another Microsoft "coding error." It has the feeling of something that Microsoft deliberately designed into Windows. Given the nature of what it is, this would make it a remote code execution "backdoor." We will likely never know if this was the case, but the forensic evidence appears to be quite compelling. Security Now! Transcript of Episode #22

Linked by shanmuga Saturday, 14th January 2006 1:41AM