a temporary solution to the latest security threat?

[Junkieman]

I was wondering, having just read the security threat warning about programs piggybacking on image files, if i was to turn off image display through internet explorer's options, would that prevent me getting infected by anything taking advantage of this?

[Mercifull]

Not really. You can also be infected by downloding the file by accident or it being disguised as something else.

[Mementh]

I was wondering, having just read the security threat warning about programs piggybacking on image files, if i was to turn off image display through internet explorer's options, would that prevent me getting infected by anything taking advantage of this?

 

 

 

 

 

 

 

it might help but its no real solution

 

 

 

 

 

 

 

just get the patch from http://www.grc.com

[chaosgone]

just get the patch from http://www.grc.com

 

 

 

 

 

 

 

That's what I did.

 

 

 

 

 

 

 

Ilfak Guilfanov, developer of "The Patch" for temporarily protecting Windows users from exploitation of the WMF vulnerability, while we wait 10 days for Microsoft's official security update...

 

 

 

 

 

 

 

Ilfak Guilfanov's original "HexBlog" web site was administratively suspended due to excessive use. (Yeah, no kidding!) He has moved his site and changed its IP address. However, a day or two may be required before Ilfak's new site is accessible under its old name (http://www.hexblog.com/).

 

 

 

 

 

 

 

GRC is an officially sanctioned host for Ilfak's files, which you may retrieve directly from the GRC server...

 

 

 

http://www.grc.com/sn/notes-020.htm

[Junkieman]

I feel I'd rather wait for the official microsoft patch to come out on their site first, call me silly like that.

[Mercifull]

I feel I'd rather wait for the official microsoft patch to come out on their site first, call me silly like that.

Have you at least followed the instuctions from Microsoft as a temporary disable?

[Mementh]

 

I feel I'd rather wait for the official microsoft patch to come out on their site first, call me silly like that.

Have you at least followed the instuctions from Microsoft as a temporary disable?

 

 

 

 

 

 

 

 

 

 

 

they don't protect you 100% there is still infection routes

[Junkieman]

I couldnt find the instructions from microsoft, looked all around that security alert in announcements, but it looked like it was all just information.

[coltm4carbine]

hi, heres the instructions to unregister the dll.

 

 

 

 

 

 

 

Un-register the Windows Picture and Fax Viewer (Shimgvw.dll) on Windows XP Service Pack 1; Windows XP Service Pack 2; Windows Server 2003 and Windows Server 2003 Service Pack 1

 

 

 

 

 

 

 

Microsoft has tested the following workaround. While this workaround will not correct the underlying vulnerability, it helps block known attack vectors. When a workaround reduces functionality, it is identified in the following section.

 

 

 

 

 

 

 

Note The following steps require Administrative privileges. It is recommended that the machine be restarted after applying this workaround. It is also possible to log out and log back in after applying the workaround. However, the recommendation is to restart the machine.

 

 

 

 

 

 

 

Note This workaround does not protect against specially crafted Windows Metafile (WMF) images embedded within Office documents.

 

 

 

 

 

 

 

To un-register Shimgvw.dll, follow these steps:

 

 

 

 

 

 

 

1.

 

 

 

 

 

 

 

 

 

 

 

Click Start, click Run, type "regsvr32 -u %windir%\system32\shimgvw.dll" (without the quotation marks), and then click OK.

 

 

 

 

 

 

 

2.

 

 

 

 

 

 

 

 

 

 

 

A dialog box appears to confirm that the un-registration process has succeeded. Click OK to close the dialog box.

 

 

 

 

 

 

 

Impact of Workaround: The Windows Picture and Fax Viewer will no longer be started when users click on a link to an image type that is associated with the Windows Picture and Fax Viewer.

 

 

 

 

 

 

 

After a security update has been released and deployed, you can undo this change and re-register Shimgvw.dll by following the above steps. Replace the text in Step 1 with ÃÆââââ¬Å¡Ã¬Ãâ¦Ã¢â¬Åregsvr32 %windir%\system32\shimgvw.dllÃÆââââ¬Å¡Ã¬ÃâÃ

[Junkieman]

Thanks for that colt!

[Mementh]

UPDATE!!!

 

 

 

 

 

 

 

My computer just rebooted a few minutes ago.. i did not know why.. i checked my event viewer... nothing cept something was holding onto the registery

 

 

 

 

 

 

 

i checked my windows update

 

 

 

 

 

 

 

AND ITS THERE

 

 

 

 

 

 

 

the official patch is now available

 

 

 

 

 

 

 

 

 

 

 

EVERYONE HEAD IN WINDOWS EXPLORER TO http://update.microsoft.com

 

 

 

 

 

 

 

Firefox users head to http://windowsupdate.62nds.com/ for updates without the worst browser in the world (they should be working fine)

[fullmetaboy]

I was wondering, having just read the security threat warning about programs piggybacking on image files, if i was to turn off image display through internet explorer's options, would that prevent me getting infected by anything taking advantage of this?

 

 

 

 

 

 

 

Your using Internet Explorer and you want to talk about security.... DUDE?! get mozilla so you have some control