Friday, January 13, 2006

Windows WMF Backdoor?

OK, this is a little scary. There is a very well-known Windows expert/developer/pseudo-hacker named Steve Gibson, who does a podcast every week called Security Now. He has done a lot of research into the recent WMF exploit that was discovered in Windows machines (back to 98, I think). And his findings are very frightening. He firmly believes, after examining the exploit, that it was an INTENTIONAL BACKDOOR, placed in the Windows OS by someone at Microsoft. You can download the podcast (Episode 22) on iTunes or by following the link, but I'll sum it up a bit here. The exploit is in the way Windows handles WMF image files. (WMF = Windows MetaFile) A WMF is an image file that, instead of being made up of pixels, is made up of code that tells Windows how to draw the picture. It was found that when certain stuff is put in the WMF, it could cause Windows to run any code the "hacker" wanted, and all the victim had to do was view an image.

What Steve discovered is that the exploit only works when the metafile size variable (correct me if I'm wrong about what it should be called) is set to 1 - what he called the magic number. Technically this is supposed to be impossible, because the smallest a metafile can be is 3, but when it is set to 1, Windows skips a few bytes and executes the implanted code. This is what led Steve to believe that the exploit was intentionally put there by someone at Microsoft. Could this be the reason Microsoft patched it forcefully and silently? You tell me!
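A defensive check for the condition described above, as an added example that is not part of the original post: it walks the records of a WMF file and flags any record whose size field is below the minimum of 3. It assumes the "size variable" in the post is the per-record size field of the WMF format, counted in 16-bit words; the function name and the sample bytes are constructed for illustration.

```python
import struct

PLACEABLE_MAGIC = 0x9AC6CDD7  # optional 22-byte "placeable" preamble before the header
MIN_RECORD_WORDS = 3          # 4-byte size + 2-byte function number = 3 words

def check_wmf_records(data):
    """Return a list of (offset, size_in_words, reason); empty means sizes look sane."""
    findings, pos = [], 0
    if len(data) >= 4 and struct.unpack_from("<I", data, 0)[0] == PLACEABLE_MAGIC:
        pos = 22
    if len(data) < pos + 18:
        return [(pos, 0, "truncated header")]
    header_words = struct.unpack_from("<H", data, pos + 2)[0]
    if header_words != 9:  # the standard metafile header is 9 words (18 bytes)
        return [(pos, header_words, "unexpected header size")]
    pos += header_words * 2
    while pos + 6 <= len(data):
        # Assumption: this per-record size is the "size variable" the post means.
        size_words, function = struct.unpack_from("<IH", data, pos)
        if size_words < MIN_RECORD_WORDS:
            findings.append((pos, size_words, "record size below 3-word minimum"))
            break  # the size cannot be trusted to locate the next record
        if pos + size_words * 2 > len(data):
            findings.append((pos, size_words, "record runs past end of file"))
            break
        if function == 0x0000:  # end-of-file record terminates the list
            break
        pos += size_words * 2
    return findings

def _rec(size_words, function, params=b""):
    return struct.pack("<IH", size_words, function) + params

# Constructed sample metafiles (not real captures): header, one record, EOF record.
_HEADER = struct.pack("<HHHIHIH", 1, 9, 0x0300, 0, 0, 0, 0)
GOOD_SAMPLE = _HEADER + _rec(5, 0x020B, bytes(4)) + _rec(3, 0x0000)
BAD_SAMPLE = _HEADER + _rec(5, 0x020B, bytes(4)) + _rec(1, 0x020B, bytes(4)) + _rec(3, 0x0000)

if __name__ == "__main__":
    print("good:", check_wmf_records(GOOD_SAMPLE))
    print("bad: ", check_wmf_records(BAD_SAMPLE))
```
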

Being a nerd and a conspiracy theorist myself, I will be keeping up with this story as it develops (or at least, as I hear more about it).

Stay tuned, and for god's sake, post some friggin comments :)
