Daily Archives: January 5, 2006

The latest Windows security hole

Posted on by

There’s a nasty Windows vulnerability about. First reported on December 27. Details:

Microsoft Windows contains a vulnerability that can allow an attacker to execute arbitrary code. The vulnerability is due to improper handling of Windows metafiles by the Graphics Rendering Engine. Attackers can exploit the vulnerability by creating a metafile and enticing a victim into opening the file. Use of the Windows Picture and Fax Viewer is one known vector of attack through the automatic display of certain metafiles. Known file types that will launch Windows Picture and Fax Viewer when opened are .wmf, .emf, .gif, .jpeg, .jpg, .bmp, and .png. Note: Additional attack vectors may exist.

At the time of writing (January 5) Microsoft hasn’t issued a patch. They’re going to wait until Tuesday January 10 because that’s the next scheduled date for the release of Microsoft upgrades and fixes. Now that’s what I call customer service.

Update (January 6): According to The Register, Microsoft has now issued a patch.

CCD inventors get recognition — finally

Posted on by

The US National Academy of Engineering has awarded the 2006 Charles Stark Draper Prize, described by the New York Times as “the engineering equivalent of a Nobel award” to two former Bell Laboratories researchers who invented the imaging microchip or Charge Coupled Device — the chip at the heart of digital cameras and camcorders. The device converts light particles, or photons, into packets of electrical charges that are shifted in rows to the edge of the chip for scanning. Willard Boyle, 81, and George Smith, 75, invented the CCD in 1969 in an hour’s brainstorming session in the good old days when Bell Labs was one of the intellectual powerhouses of the world.