By: Olga Farber Becker
On 28 of December a severe Windows security flaw, WMF Flaw, was detected, in all Windows versions from Win98 to WinXP, no fixing patch exists yet. Using it, anyone can do any malicious action with your computer, steal or even erase your data.
This article will help you understand what it is and how YOU can fix it until Microsoft releases a patch.
By Washington Post: "Computers can be infected simply by visiting one of the Web sites or viewing an infected image in an e-mail through the preview pane [...] even if users did not click on anything or open any files."
"Microsoft said in a statement yesterday that it is investigating the vulnerability and plans to issue a software patch to fix the problem. The company could not say how soon that patch would be available." http://www.washingtonpost.com/wp-dyn/content/article/2005/12/29/AR2005122901456.html
How severe it is: "This vulnerability can be used to install any type of malicious code, not just Trojans and spyware, but also worms, bots or viruses that can cause irreparable damage to computers," said Luis Corrons of Panda Software.
In a security advisory posted on its Web site, Microsoft confirmed the vulnerability and the associated release of exploit code that could compromise PCs, and listed the operating systems at risk. Windows 2000 SP4, Windows XP, Windows Server 2000, Windows 98, and Windows Millennium can be attacked using the newly-discovered vulnerability...
http://www.microsoft.com/technet/security/advisory/912840.mspx
BlogAutoPublisher support expert comments on the situation, advising a cure:
"The vulnerability is in the Microsoft Windows Graphics Rendering Engine, that is why the exploit affects Windows versions from Win98 to WinXP.
Unlike other security vulnerabilities, this one allows a _data file_ to execute arbitrary code upon it being viewed. In other words, a (picture) data file can contain executable code to "help" Windows display it, and Windows will execute it unquestionably.
Your computer can be infected whenever Windows uses its default image viewer to display certain image types. This means there is a long list of applications that are vulnerable that rely upon the image viewer code. Windows uses this code when previewing images, for example.
*What YOU can do right NOW*, to secure your computer until a patch from Microsoft is released:
Go to Start > Run, paste there the following line: regsvr32 /u shimgvw.dll and press OK.
If everything goes right, you'll see the following message: "DllUnregisterServer in shimgvw.dll succeeded."
It will disable the problematic dll, forcing all other programs to use their own engines, if exist. Keep in mind that this will disable thumbnail previews in Windows Explorer. One may experience problems with opening any image file after unregistering this dll.
(To reactivate this feature: Start > Run > regsvr32 shimgvw.dll)
We will send another update, when the patch from Microsoft is released, with instructions how to apply the patch and re-activate the feature."
And another important thing: since this is such a serious flaw, you may start getting phishing emails pretending to originate at Microsoft, urging you to do something with your computer, apply some "patches". Don't do it.
Find the true information at microsoft.com or wait for the links at microsoft.com we'll publish later.
Copyright 2006 Olga Farber Becker
|
About The Author
Olga Farber Becker
Olga's areas of research are internet marketing, blogs, RSS feeds. Find out 55 ways to use the Marketer's Blogging Software Olga recently released: http://blogautopublisher.com.
|
This article was posted on January 26, 2006
Other Interesting Topics
Jan. 6 (Bloomberg) -- Satyam Computer Services Ltd. , which abandoned a $1.6 billion bid to buy companies linked to its chairman, gained in Mumbai trading after a report that Tech Mahindra Ltd.
Total Privacy v5.7 removes traces of personal information from Windows environment, including Vista, as well as Internet browsers and instant message (IM) conversations. Additionally, program eliminates records of any file transfers and can wipe free space available on computer to prevent previously deleted files from being recovered. Running on-demand or at scheduled time, software lets users ...
with another software company. The scrip of the company opened on a firm note at Rs 180 on the Bombay Stock Exchange but soon lost ground and saw an intra-day low of Rs 170.10, a decline of 4.19% from its last close.
Concurrent announced a new software release for its MediaHawk line of video servers. The release is SCTE-130 compliant and features enhancements such as play list support enabling advanced advertising. The SCTE-130 standard supports a unified platform for addressable advertising, providing inventory and placement definitions, while merging content and subscriber metadata for targeting zones - ...
East-Tec Eraser 2009 meets/exceeds all US DoD standards for permanently removing information from computers. It protects all confidential information from online predators, helps prevent identity theft, and removes all evidence of computer and online activity. In addition to complete Firefox 3 history files removal, software works with various browsers and peer-to-peer programs. Users can ...
A software developer has, intentionally or not, fueled speculation that Tuesday's Apple keynote speech will see the announcement of an updated Mac mini. In promoting v4.6 of its namesake digital asset management (DAM) system, it describes "new Mac mini hardware" as being supported, with the option of bundling the two products together in a server bundle. In operating as a server, the otherwise ...
MUMBAI, Jan 6 (Reuters) - Indian software services firm Tech Mahindra Ltd has approached embattled rival Satyam Computer Services for an all-share merger, the Economic Times reported on Tuesday, sending shares in both companies higher.
