Opening and reading a file in and of itself is not the problem. The problem is when the contents of the file are analyzed and processed by Microsoft's graphical interpreter to produce an image.
Defragging, virus checking, and even many 3rd party graphical display or manipulation programs, do not use Microsoft's graphical interpreter. But (and I have not confirmed this or even researched it) *if* Google desktop search is a problem, *then* Google's desktop search must at some point use Microsoft's graphical interpreter. It may be a simple side-effect of accessing the files by some other Microsoft API. Carl -----Original Message----- From: Windows Home/SOHO [mailto:[EMAIL PROTECTED] On Behalf Of Bill Kingsbury Sent: Wednesday, January 04, 2006 12:13 AM To: [email protected] Subject: Re: wmf vulnerability: defragging risky ?? At 05:50 PM 1/3/2006, Diane Poremsky wrote: > >the indexers look at file content too, not just file name, >so think any of the ones you mentioned are ok unless they >also read content. Yes, that's what I thought -- after thinking it over. But then, defragging *does* read the entire files' contents, doesn't it? It reads a file's fragments, then copies them to new drive sectors (to consolidate them), and then deletes the old fragments. Also, antivirus- and spyware- scanning reads the entire files' contents (I hope). So, why can a simple file-read for "indexing" with the Google Desktop Search, allegedly trigger the wmf exploit -- and yet, no problem with file-reads for virus scanning, or the major file-reading and -writing that takes place while defragging? Bill >On 1/3/06, Bill Kingsbury <[EMAIL PROTECTED]> wrote: >> >> If indexing a "wmf exploit" file is a bad idea, what about >> disk defragging? >> >> Couldn't that also trigger the exploit? >> >> Also, what about Windows File Finder, Search Assistant, or any >> file-search utility, that reads the file's attributes? >> >> Or, looking at a file's "properties" from a file manager, e.g. >> Windows Explorer, Total Commander, or ZTree? >> > --- -- ---------------------------------------- WIN-HOME Archives: http://PEACH.EASE.LSOFT.COM/archives/WIN-HOME.html Contact the List Owner about anything: [EMAIL PROTECTED] Official Win-Home List Members Profiles Page http://www.besteffort.com/winhome/Profiles.html -- ---------------------------------------- WIN-HOME Archives: http://PEACH.EASE.LSOFT.COM/archives/WIN-HOME.html Contact the List Owner about anything: [EMAIL PROTECTED] Official Win-Home List Members Profiles Page http://www.besteffort.com/winhome/Profiles.html
