On 1/2/06, Robert D. <[EMAIL PROTECTED]> wrote: > Recently, Darrin squawked: > > He means to put them in the > > section under "Disable these types of files" > > Perfect, thanks to the both of you. Not sure how I missed that. > Anyway, put the *.wmf in the disable now.
...except that this is something that happens regardless of the extension. The actual exploit will appear to be an image, and will have an extsion of jpg or bmp or whatever, _not_ wmf. Quoting from ISC's wmf faq (http://handlers.dshield.org/jullrich/wmffaq.html): * Should I just block all .WMF images? This may help, but it is not sufficient. WMF files are recognized by a special header and the extension is not needed. The files could arrive using any extension, or embeded in Word or other documents. -- WL
________________________________________________ Current version is 3.64.01 | 'Using TBUDL' information: http://www.silverstones.com/thebat/TBUDLInfo.html