Posted on 01/02/2006 3:54:03 PM PST by Swordmaker
Computer security experts were grappling with the threat of a newweakness in Microsofts Windows operating system that could put hundreds of millions of PCs at risk of infection by spyware or viruses.
The news marks the latest security setback for Microsoft, the worlds biggest software company, whose Windows operating system is a favourite target for hackers.
The potential [security threat] is huge, said Mikko Hyppönen, chief research officer at F-Secure, an antivirus company. Its probably bigger than for any other vulnerability weve seen. Any version of Windows is vulnerable right now.
The flaw, which allows hackers to infect computers using programs maliciously inserted into seemingly innocuous image files, was first discovered last week. But the potential for damaging attacks increased dramatically at the weekend after a group of computer hackers published the source code they used to exploit it. Unlike most attacks, which require victims to download or execute a suspect file, the new vulnerability makes it possible for users to infect their computers with spyware or a virus simply by viewing a web page, e-mail or instant message that contains a contaminated image.
We havent seen anything that bad yet, but multiple individuals and groups are exploiting this vulnerability, Mr Hyppönen said. He said that every Windows system shipped since 1990 contained the flaw.
Microsoft said in a security bulletin on its website that it was aware that the vulnerability was being actively exploited. But by early yesterday, it had not yet released an official patch to correct the flaw. We are working closely with our antivirus partners and aiding law enforcement in its investigation, the company said. In the meantime, Microsoft said it was urging customers to be careful opening e-mail or following web links from untrusted sources.
Meanwhile, some security experts were urging system administrators to take the unusual step of installing an unofficial patch created at the weekend by Ilfak Guilfanov, a Russian computer programmer.
Concerns remain that without an official patch, many corporate information technology systems could remain vulnerable as employees trickle back to work after the holiday weekend.
Weve received many e-mails from people saying that no one in a corporate environment will find using an unofficial patch acceptable, wrote Tom Liston, a researcher at the Internet Storm Center, an antivirus research group. Both ISC and F-Secure have endorsed the unofficial fix.
Microsoft routinely identifies or receives reports of security weaknesses but most such vulnerabilities are limited to a particular version of the Windows operating system or other piece of Microsoft software. In recent weeks, the company has been touting its progress in combating security threats.
The company could not be reached on Monday for comment.
For video players that can handle other formats, give your friends these links -
Subnote: V-lan works fine on my home machines- others I know swear it "hosed my codecs"- so be advised I provide that and other links on a "use with caution" basis.
Drat. There goes WFWG 3.11...
Ilfak Guilfanov (see GREEN box below) produced a highly-effective true patch which successfully suppresses all known exploitable vulnerabilities for anyone using Windows 2000, XP, server 2003, or 64-bit XP. No patch is available for Windows 95, 98, ME or NT, and none is expected to be forthcoming. But anyone using Windows 2000, XP, server 2003, or 64-bit XP should IMMEDIATELY install Ilfak's exploit suppressor into all of their systems.
Yes, that's unfortunate.
Windows 98/SE/ME users: Microsoft's original advice to "unregister the shimgvw.dll" (shell image viewer) was never correct or useful on those platforms. The good news is that all current WMF exploits appear to be non-functional on the older Win9x vintage platforms . . . so you will likely be okay until Microsoft has updated your system with the next security patches. There is no short-term workaround for Windows 9x users.
I guess what happens will depend on whether the hackers feel like aiming at older versions of Windows and on how quickly Microsoft gets its patch out for those versions.
False. That "security by obscurity" theory has been shot down many times by people who know what they are talking about. Five years, 20,000,000 users, and counting with no OSX exploits in the wild.
AWK.
so what do I do???
No, it's in the DLL that displays .wmf files, not .wmv (Windows Movie). .wmf files are Windows Metafile files, which are basically image files, mostly used for clip art, rarely on legitimate web pages.
At this point I trust nobody.
I don't really like the sauce on a big mac.... would an arbys be just as good?
susie
Probably... now if you could get either to display a .WMF graphic clip file of the Virgin Mary, you could sell it on eBay!
Try again a little later, perhaps...
Is that close to Vientiane?
LOL!
Meant loading
I've applied the Guilfanov patch to my local box and everything seems fine so far. I've heard of some problems in canceling large print jobs but haven't seen anything like that myself.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.