WMF vulnerability - debating on whether to roll out work around with kix - KiXtart.org - official site

You are not logged in. [Log In] KiXtart.org website » Forums » KiXtart » Lounge » WMF vulnerability - debating on whether to roll out work around with kix

Page 2 of 2

2

Topic Options

#154318 - 2006-01-03 08:30 PM Re: WMF vulnerability - debating on whether to roll out work around with ki
NTDOC NTDOC Administrator Registered: 2000-07-28 Posts: 11624 Loc: CA	Yeah, they should release Next Tuesday with their other patches per normal monthly schedule. Hopefully it's better than the "3rd party patch" I tried. It disabled too much automated graphics stuff. I'll uninstall that one and install the Microsoft one next week and cross my fingers that it is more compatible with how the OS currently works.
Top

#154319 - 2006-01-03 08:40 PM Re: WMF vulnerability - debating on whether to roll out work around with ki
Mart Mart KiX Supporter Registered: 2002-03-27 Posts: 4673 Loc: The Netherlands	I did not even install the 3rd party patch. MS build the OS so I’ll rely on them to build a proper fix after considering and knowing all side effects it might have even if it takes a week before it’s released. Our virus scanner is currently picking it up and we hammered into our users heads not to open any mail that might be suspicious and call IT first. For now this works ok as a temporary action. I looked at the MS advisory and will see what the MS workaround does on a test system when I’m back at work tomorrow. Quote: .... Click Start, click Run, type "regsvr32 -u %windir%\system32\shimgvw.dll" (without the quotation marks), and then click OK .... _________________________ Mart - Chuck Norris once sold ebay to ebay on ebay.
Top

#154320 - 2006-01-03 09:09 PM Re: WMF vulnerability - debating on whether to roll out work around with ki
Lonkero Lonkero KiX Master Guru Registered: 2001-06-05 Posts: 22346 Loc: OK	well, I didn't install the third party one either and my gifs stopped animating. so doc, I bet it was some other MS fix that did this. _________________________ ! download KiXnet
Top

#154321 - 2006-01-03 09:14 PM Re: WMF vulnerability - debating on whether to roll out work around with ki
Allen Allen KiX Supporter Registered: 2003-04-19 Posts: 4549 Loc: USA	I've installed the unofficial patch and have not noticed anything working differently.
Top

#154322 - 2006-01-03 09:38 PM Re: WMF vulnerability - debating on whether to roll out work around with ki
NTDOC NTDOC Administrator Registered: 2000-07-28 Posts: 11624 Loc: CA	Well thumbnails in folders should no longer work if you installed either one of the "fixes".
Top

#154323 - 2006-01-04 12:22 AM Re: WMF vulnerability - debating on whether to roll out work around with ki
Lonkero Lonkero KiX Master Guru Registered: 2001-06-05 Posts: 22346 Loc: OK	hmm... Quote: ...in a practical sense, only Windows XP and Windows Server 2003 (in all their service pack levels) are vulnerable to the WMF flaw. ...all versions of Windows back to 3.0 have the vulnerability in GDI32. Except for Windows XP and Windows Server 2003, no Windows versions, in their default configuration, have a default association for WMF files, and none of their Paint programs or any other standard programs installed with them can read WMF files... from http://www.f-secure.com/weblog/ it sure seems that I don't need to worry at all, after all, I don't have a single XP system at home _________________________ ! download KiXnet
Top

#154324 - 2006-01-04 01:04 AM Re: WMF vulnerability - debating on whether to roll out work around with ki
NTDOC NTDOC Administrator Registered: 2000-07-28 Posts: 11624 Loc: CA	The association is not the point of intrusion. A system that was indexed by Google Desktop was enough to activate/trigger the problem according to one site. Microsoft says though that there are few successful attacks on systems from the data they have.
Top

#154325 - 2006-01-04 02:06 AM Re: WMF vulnerability - debating on whether to roll out work around with ki
masken masken MM club member Registered: 2000-11-27 Posts: 1222 Loc: Gothenburg, Sweden	I think there's really no option nut unregistering the DLL until there's a working patch available: Code: regsvr32 /u /s %windir%\system32\shimgvw.dll ...if your users aren't local admins, put it in a GPO startup-script, or use cpau, runas etc. _________________________ The tart is out there
Top

#154326 - 2006-01-04 06:40 AM Re: WMF vulnerability - debating on whether to roll out work around with ki
Lonkero Lonkero KiX Master Guru Registered: 2001-06-05 Posts: 22346 Loc: OK	Quote: Mikko Hypponen, director of antivirus research at F-Secure, said he believes corporations can trust the unofficial patch, which was created by security software developer Ilfak Guilfanov. "This is a very unusual situation--we've never done this before. We trust Ilfak, and we know his patch works," Hypponen said. "We've confirmed the binary does what the source code said it does. We've installed the patch on 500 F-Secure computers, and have recommended all of our customers do the same. The businesses who have installed the patch have said it's highly successful." http://news.zdnet.com/2100-1009_22-6016649.html _________________________ ! download KiXnet
Top

#154327 - 2006-01-05 04:47 AM Re: WMF vulnerability - debating on whether to roll out work around with ki
Lonkero Lonkero KiX Master Guru Registered: 2001-06-05 Posts: 22346 Loc: OK	Quote: Hexblog.com overloaded Turns out half the planet tried to download WMFFIX_HEXBLOG.EXE from Ilfak Guilfanov's personal website (hexblog.com). The resulting traffic amounts were so huge that his hosting provider actually shut his site down. Update at 09:55 GMT: The site www.hexblog.com is now back up and running in reduced state. It's still under extremely heavy traffic. Ilfak has set up a temporary site at http://216.227.222.95, offering links to various download locations. He mentions on his page: Due to incredibly high load, the page has been reduced to the bare minimum. Thanks for understanding. Safe computing! - Mikko Hyppönen _________________________ ! download KiXnet
Top

#154328 - 2006-01-05 10:43 AM Re: WMF vulnerability - debating on whether to roll out work around with ki
masken masken MM club member Registered: 2000-11-27 Posts: 1222 Loc: Gothenburg, Sweden	would be interesting to know exactly what that MSI package does... _________________________ The tart is out there
Top

#154329 - 2006-01-05 06:27 PM Re: WMF vulnerability - debating on whether to roll out work around with ki
Lonkero Lonkero KiX Master Guru Registered: 2001-06-05 Posts: 22346 Loc: OK	well, why don't you check it out? _________________________ ! download KiXnet
Top

#154330 - 2006-01-05 07:25 PM Re: WMF vulnerability - debating on whether to roll out work around with ki
Allen Allen KiX Supporter Registered: 2003-04-19 Posts: 4549 Loc: USA	The last version I saw (V1.4) added support for silent scripting, which I think was the only reason for the MSI version.
Top

#154331 - 2006-01-05 10:46 PM Re: WMF vulnerability - debating on whether to roll out work around with ki
ostech ostech Lurker Registered: 2005-07-05 Posts: 4	http://www.microsoft.com/technet/security/Bulletin/MS06-001.mspx MS came out with the patch early.
Top

#154332 - 2006-01-05 11:30 PM Re: WMF vulnerability - debating on whether to roll out work around with ki
Lonkero Lonkero KiX Master Guru Registered: 2001-06-05 Posts: 22346 Loc: OK	yep. hence the follow up thread: http://www.kixtart.org/ubbthreads/showflat.php?Number=154210 _________________________ ! download KiXnet
Top

#154333 - 2006-01-10 09:46 AM Re: WMF vulnerability - debating on whether to roll out work around with ki
Co Co MM club member Registered: 2000-11-20 Posts: 1341 Loc: NL	2 new Vulnerabilities: http://msgs.securepoint.com/cgi-bin/get/bugtraq0601/89.html _________________________ Co
Top

#154334 - 2006-01-10 09:57 AM Re: WMF vulnerability - debating on whether to roll out work around with ki
Lonkero Lonkero KiX Master Guru Registered: 2001-06-05 Posts: 22346 Loc: OK	nice... _________________________ ! download KiXnet
Top

Page 2 of 2

2

Previous Topic

Previous Topic View All Topics

View All Topics

Index Next Topic

Next Topic

Moderator: Arend_, Allen, Jochen, Radimus, Glenn Barnas, ShaneEP, Ruud van Velsen, Mart

Hop to:

Shout Box

Who's Online

0 registered and 761 anonymous users online.

Newest Members

Timothy, Jojo67, MaikSimon, kvn317, kixtarts2025
17874 Registered Users

Generated in 0.071 seconds in which 0.026 seconds were spent on a total of 13 queries. Zlib compression enabled.

click tracking