Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Ups, by Trend

Ups, by Trend

by Nikola Strahija on November 14th, 2005 Last weeks Trend Micro’s discovery of a Windows graphic Trojan appears to have been bogus.


The claim was considered a big treat, because Microsoft had only patched the critically-rated flaws days earlier.

It seems that Trend had mis-analysed the Troj_emfsploit.A Trojan, and the appearance of exploiting the flaws was probably a coincidence. The company originally claimed the Trojan could cause explorer.exe, which supports the Windows GUI shell, to crash. Customers that had not yet applied Microsoft’s patch MS05-053 would have been vulnerable.

In fact, it turns out that it can only cause a GUI crash in Windows XP systems prior to the Service Pack 1 (SP1) update of 2002. Windows 2000 systems are vulnerable up to Service Pack 4.

-Given the time we needed to react to this, we didn't analyse it thoroughly. We wanted to do something fast and perhaps we didn't spend sufficient time on it, said Trend chief technologist, Raimund Genes.

Trend has now removed the explicit claim of an exploit from its website description of the Trojan, and has fallen back on the a generic statement that the Trojan ‘exhibits behaviour similar to the Enhanced Metafile vulnerability of MS05-053.’


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »