BIG SURPRISE: Not safe to use Windows today.
Registered User
Joined: Jan 2004
Posts: 4,938
Likes: 0
From: limerick
Originally Posted by jasonw,Dec 30 2005, 01:47 PM
There is a workaround yes(although it limits thumbnail functionality). But what makes you think your link addresses the issue?
Thread Starter
Registered User
Joined: Mar 2005
Posts: 16,702
Likes: 0
From: █ SF, CA █
Originally Posted by exceltoexcel,Dec 30 2005, 10:41 AM
^ Can't run squat.
Have everything I need to develop widely used server software for the 4th largest software corp without M$.
Thread Starter
Registered User
Joined: Mar 2005
Posts: 16,702
Likes: 0
From: █ SF, CA █
Originally Posted by exceltoexcel,Dec 31 2005, 01:08 AM
Prevents the code from executing.
uni on seek. com/ d/t 1/ wmf_exp. htm
Go there to test your theory. But I haven't seen anyone credible saying it will prevent the WMF attacks.
Be warned: M$ Says clicking on a link will still put you at risk.
US-Cert: Software-enforced DEP is not effective in mitigating this vulnerability.
Joined: Jul 2002
Posts: 19,257
Likes: 19
From: San Diego, CA
Hey Jason, do you know if Windows 2000 machines are affected at all? I think the article says XP/2003 only.
But I also know I've got shimgvw.dll on my machine. Just curious how significantly that component has changed between W2K and WXP.
But I also know I've got shimgvw.dll on my machine. Just curious how significantly that component has changed between W2K and WXP.
Thread Starter
Registered User
Joined: Mar 2005
Posts: 16,702
Likes: 0
From: █ SF, CA █
Originally Posted by PeaceLove&S2K,Jan 2 2006, 08:08 PM
Hey Jason, do you know if Windows 2000 machines are affected at all? I think the article says XP/2003 only.
But I also know I've got shimgvw.dll on my machine. Just curious how significantly that component has changed between W2K and WXP.
But I also know I've got shimgvw.dll on my machine. Just curious how significantly that component has changed between W2K and WXP.
http://www.securityfocus.com/bid/16074/info
I would recommend this work-around:
[CODE]
Disable or reset the file association for Windows Metafiles
Disabling or remapping Windows Metafile files to open a program other than the default Windows Picture and Fax Viewer may prevent exploitation via some attack vectors. Microsoft has suggested taking the following steps to disable shimgvw.dll in Microsoft Security Advisory (912840):
Microsoft has tested the following workaround. While this workaround will not correct the underlying vulnerability, it will help block known attack vectors. When a workaround reduces functionality, it is identified in the following section.
Moderator
Joined: Jul 2004
Posts: 36,017
Likes: 226
From: Queen City, NC
Nice to know there's still no fix and this workaround can be easily subverted. MS has had its Windows OS base code out for over ten years now, and it is still full of gaping holes like this - this won't be the last.
Joined: Jul 2002
Posts: 19,257
Likes: 19
From: San Diego, CA
Originally Posted by jasonw,Jan 2 2006, 11:58 PM
Norton is supposed to catch it now too:
http://www.symantec.com/avcenter/venc/data...exploit.56.html
http://www.symantec.com/avcenter/venc/data...exploit.56.html
I've already disabled that component btw, even before I posted my last post.
Thread Starter
Registered User
Joined: Mar 2005
Posts: 16,702
Likes: 0
From: █ SF, CA █
Originally Posted by PeaceLove&S2K,Jan 3 2006, 10:33 AM
Shameless plug for your employer?