Posted on 12/28/2005 5:45:47 PM PST by Salo
Security researchers have released instructions for exploiting a previously unknown security hole in Windows XP and Windows 2003 Web Server with all of the latest patches applied.
(Excerpt) Read more at blogs.washingtonpost.com ...
Pings.
Thanks. I searched on the headline and it came up clean.
Yeah that happens sometimes when folks change the headlines ......stay safe !
Damn you, Ernest! :-) /shakes fist
Start - Run - regsvr32 /u shimgvw.dll
This will disable the vulnerable component, Windows Fax and Picture Viewer. Alternatively, you can use Folder Options - File Types to change the association for .WMF files to something other than that program.
or switch to Apple or Linux and open Office
I didn't use the Washington Post as the source Document since they require extraction and weren't as close to the original as my source.....I thought that was Fair....Hehehe
Here we go again...
All operating systems are vulnerable...even proprietary private ones...and EVEN your holy grails Apple and Linux...
90% of the common computing planet run on Win OS systems...and the world is not ending tommorrow...
Very good !........:o)
Freethinking freeper !!
No they are not!
Windows has specific architectural flaws (from a security standpoint) that neither Linux nor Apple's OS have (or for that matter, any Unix-like OS). For instance, the graphics drivers run in-kernel, so a bug in the graphics driver can bring down the whole system.
snip.....
Two of the vulnerabilities lie in the way the Linux kernel--the core of the open-source operating system--manages memory. They affect all current versions of Linux, according to advisories released on Wednesday by iSEC Security Research, a Polish security company. The third flaw affects the module for the kernel that supports ATI Technologies' Rage 128-bit video card.
----end snip
I find it so amusing how a flaw in Windows always translates into another OS being superior because it doesn't share the flaw...That like saying a Ford is better than a Chevy because Chevy fuel tanks explode....the logical disconnect typically doesn't even warrant a response....
That's nice... enjoy your XP trojans, viruses, adware, and spyware... all several tens of thousands of them.
"Any application that automatically displays a WMF image will cause the users machines to get infected."
"This includes older versions of Firefox, current versions of Opera, Outlook and all current version of Internet Explorer on all versions of Windows."
http://sunbeltblog.blogspot.com/2005/12/new-exploit-blows-by-fully-patched.html
All operating systems are not *equally* vulnerable. I could store valuables in my unlocked car, or I could put them in a safe in my home. Neither method can guarantee their security, but one has a much better chance than the other.
See tagline for zig.
"You might want to block these sites at your firewall while waiting for a Microsoft patch:"
Crackz [dot] ws
unionseek [dot] com
www.tfcco [dot] com
Iframeurl [dot] biz
beehappyy [dot] biz
And funnily enough, according to WHOIS, domain beehappyy.biz is owned by a previous president of Soviet Union:
Registrant Name: Mikhail Sergeevich Gorbachev
Registrant Address1: Krasnaya ploshad, 1
Registrant City: Moscow
Registrant Postal Code: 176098
Registrant Country: Russian Federation
Registrant Country Code: RU
"Krasnaya ploshad" is the Red Square in Moscow...
"Do note that it's really easy to get burned by this exploit if you're analysing it under Windows. All you need to do is to access an infected web site with IE or view a folder with infected files with the Windows Explorer."
"As a precaution, we recommend administrators to block access to unionseek[DOT]com and to filter all WMF files at HTTP proxy and SMTP level."
"F-Secure Anti-Virus detects the offending WMF file as W32/PFV-Exploit with the 2005-12-28_01 updates."
"We expect Microsoft to issue a patch on this as soon as they can."
http://www.f-secure.com/weblog/archives/archive-122005.html#00000752
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.