-
January 7th, 2003, 08:09 AM
#1
A Font that crashes Windows?
A message was sent to BugTraq with the following statement by "Andrew":
The attached OpenType font file will cause Windows to restart
immediately when the file is opened by the default viewer (fontview).
I doubt anyone would suspect a "harmless" little font file of being
able to cause such a thing to happen!
Read the whole thing here.
Or, better yet, if you don't believe it, download and view this font.
Now, not only do Windows users have to worry about .zips, exes, and MS Office files, but now they have to worry about fonts, too...
AJ
-
January 7th, 2003, 10:23 AM
#2
W000T that's the weirdest thing I've seen..
My trusty hex editor reveals..
Copyright 2003. All rights reserved.restarterRegular1.000;NONE;restarterOTF 1.000;PS 001.001;Core 1.0.29Please refer to the Copyright section for the font trademark attribution notices. C o p y r i g h t 2 0 0 3 . A l l r i g h t s r e s e r v e d . r e s t a r t e r R e g u l a r 1 . 0 0 0 ; N O N E ; r e s t a r t e r O T F 1 . 0 0 0 ; P S 0 0 1 . 0 0 1 ; C o r e 1 . 0 . 2 9 P l e a s e r e f e r t o t h e C o p y r i g h t s e c t i o n f o r t h e f o n t t r a d e m a r k a t t r i b u t i o n n o t i c e s .
BTW it only crashes 2000 and XP, win 98 SE I tested to be safe...
On win9x it just crashes the fontview app...
ASCII stupid question, get a stupid ANSI.
When in Russia, pet a PETSCII.
Get your ass over to SLAYRadio the best station for C64 Remixes !
-
January 7th, 2003, 11:06 AM
#3
well it gave me a message ( windows cannot oppen this file )
When the power of Love overcomes the Love of power, the world will know peace... Jimi Hendrix
-------------------------------------------------------------
I dream of giving birth to a child who will ask...... what was war?
-
January 7th, 2003, 12:13 PM
#4
bimmer, that might be that the file got corrupted when you downloaded it. try again
- Trying is the first step towards failure. the moral is never try.
- It\'s like something out of that twilighty show about that zone.
----Homer J Simpson----
-
January 7th, 2003, 04:47 PM
#5
My trusty frhed hex editor, I saw the same thing. Wonder if Gates and company
is going to build a patch for it. Hate to see a lame virii exploiting it.
-
January 16th, 2003, 05:51 AM
#6
Hmmm, i just tried it on one box loaded W2000Pro, SP-2, and Frontview just said it was "not a valid font file"... Did not try it on W98SE, since the original post said it did not affect it too bad.
-
January 16th, 2003, 07:15 AM
#7
Junior Member
Patch ===== ? Workaround ========== Steven Tucker says : On XP Professional SP1 it causes a bugcheck in ATMFD.DLL. According to the properties for this DLL this is the Adobe Type Manager driver. The bugcheck code is PAGE_FAULT_IN_NONPAGED_AREA @ Base+0x28A75. You can delete the registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Font Drivers This will eliminate the immediate problem, but will remove type 1 font support.
-
January 16th, 2003, 11:58 AM
#8
Am I SUPPOSED to get a four character text http response when clicking on that attachment? I just get "OTTO"...
Hm. Must be an opera thing. IE downloads more actual data, but decides to call it "2" by default.
[HvC]Terr: L33T Technical Proficiency
-
January 16th, 2003, 02:33 PM
#9
Banned
hey can u make a virus or something harmful in the form of a txt file?
i'm not gonna try doing it but i just wanted to know if it could be done and if so where can i learn about it.
once again i don't want a step by step just the theory or a link to it, i want to see how dangerous txt files can be, i always thought it's just plain text, but now 'm not sure.
thanx drew.
-
January 16th, 2003, 04:27 PM
#10
drew: this is a bit off-topic,
I hope I don't offend anyone if I do answer drew's off-topic question here..
you can't make a virus in a text file..
the text file uses ascii to write text. it has 256 (well 0 - 255 ) possible characters.
It might be possible to make a .txt file that kills notepad or even windows, but that's a totaly different story..
You do however get a lot of people sending attatchments like: readme.txt.pif (link) or even read_this.txt.scr (screensaver (actualy same as a .exe))
when you set windows to not show extentions (the 3 characters after the dot) you won't see the .pif .scr .exe or .com extention !!
these CAN contain a virus or a trojan (and I'd even bet on them containing one..)..
ASCII stupid question, get a stupid ANSI.
When in Russia, pet a PETSCII.
Get your ass over to SLAYRadio the best station for C64 Remixes !
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|