WMF Vulnerability Patch - 01/04/06 10:43 AM
Info:
http://money.cnn.com/2006/01/03/technology/windows_virusthreat/index.htm?cnn=yes
http://it.slashdot.org/it/05/12/30/1310243.shtml?tid=220
You can grab a patch here:
http://www.hexblog.com/
SANS has verified that this patch is valid and does only what it says it does, nothing more.
Also, as Microsoft and other security firms have suggested, "Click Start, click Run, type "regsvr32 -u %windir%\system32\shimgvw.dll" (without the quotation marks), and then click OK." This will de-register the vulnerable DLL.
I was actually hit by this vulnerability earlier today while browsing. All you need to do is browse to a malicious website and you can be infected with whatever payload the variant author decides. I suggest that everyone install this hotfix as soon as possible.
http:/
http:/
You can grab a patch here:
http://www.hexblog.com/
SANS has verified that this patch is valid and does only what it says it does, nothing more.
Also, as Microsoft and other security firms have suggested, "Click Start, click Run, type "regsvr32 -u %windir%\system32\shimgvw.dll" (without the quotation marks), and then click OK." This will de-register the vulnerable DLL.
I was actually hit by this vulnerability earlier today while browsing. All you need to do is browse to a malicious website and you can be infected with whatever payload the variant author decides. I suggest that everyone install this hotfix as soon as possible.