|
URGENT: Windows Vulnerability Alert
I won't get into great detail to explain what the issue is, but a Windows Security hole that actually existed in its primary releases in the early 90s was exploited in late December, and is now circulating around the internet.
What it means to you:
This is similar to living in the ghetto and you having left a window opened for 15 years, and everyone has just found out about it.
Why you have to be concerned:
It is very possible for someone to "break in through that window and set your house on fire".
What can happen:
You may lose nothing, or you may lose everything. Decide whether or not you want to take the chance.
When you need not be concerned:
When all of your data is backed up or you do not care to lose all of your data, images, etc.
What you must do:
Download the patch from here (choose one on that page) or here (direct file), then install it. It's just an .exe file that you have to run, nothing that is very involved.
Quoted from Ilfak Guilfanov, the guy who wrote the above patch:
Microsoft will certainly come up with a thouroughly tested fix for it in the future, but meanwhile I developed a temporary fix - I badly needed it.
The fix does not remove any functionality from the system, all pictures will continue to be visible
If for some reason the patch does not work for you, please uninstall it. It will be in the list of installed programs as "Windows WMF Metafile Vulnerability HotFix".
I recommend you to uninstall this fix and use the official patch from Microsoft as soon as it is available.
Quoted from here:
"You cannot wait for the official MS patch, you cannot block this one at the border, and you cannot leave your systems unprotected," Liston writes.
In the diary, ISC provides a link to the version of the patch it has examined, including a version designed for unattended installation on corporate systems.
While ISC recognises that corporate users will find it unacceptable to install an unofficial patch, "Acceptable or not, folks, you have to trust someone in this situation," Liston writes.
Quoted from here:
It is worth remembering that due to this vulnerability, the simple act of visiting a website could infect computers, if it contains a malicious WMF, opening the door to Trojans, worms and all types of threats. This vulnerability lies in the way Windows handles WMF (Windows Meta File), so all programs that can process this type of file are affected. These include Internet Explorer, Outlook and Windows Picture and Fax viewer.
In order to protect computers from this threat, as well as ensuring that a malware solution capable of blocking code that can exploit this vulnerability is installed, it is advisable to un-register the DLL associated to this attack, as described at Microsoft.com.
Similarly, although it is not usually recommended to install patches that are not released by the manufacturer of the product, users might want to install the patch released by Ilfak Guilfanov, a prestigious expert in Windows systems, until the Microsoft patch is available. This patch has been tested and recommended by SANS Internet Storm Center, and is available at: this link and this link.
Microsoft's release of the vulnerability
Here is where I initially discovered this.
|