|
URGENT: Windows Vulnerability Alert
|
View this Thread in Original format
| DigitalMP |
I won't get into great detail to explain what the issue is, but a Windows Security hole that actually existed in its primary releases in the early 90s was exploited in late December, and is now circulating around the internet.
What it means to you:
This is similar to living in the ghetto and you having left a window opened for 15 years, and everyone has just found out about it.
Why you have to be concerned:
It is very possible for someone to "break in through that window and set your house on fire".
What can happen:
You may lose nothing, or you may lose everything. Decide whether or not you want to take the chance.
When you need not be concerned:
When all of your data is backed up or you do not care to lose all of your data, images, etc.
What you must do:
Download the patch from here (choose one on that page) or here (direct file), then install it. It's just an .exe file that you have to run, nothing that is very involved.
Quoted from Ilfak Guilfanov, the guy who wrote the above patch:
Microsoft will certainly come up with a thouroughly tested fix for it in the future, but meanwhile I developed a temporary fix - I badly needed it.
The fix does not remove any functionality from the system, all pictures will continue to be visible
If for some reason the patch does not work for you, please uninstall it. It will be in the list of installed programs as "Windows WMF Metafile Vulnerability HotFix".
I recommend you to uninstall this fix and use the official patch from Microsoft as soon as it is available.
Quoted from here:
"You cannot wait for the official MS patch, you cannot block this one at the border, and you cannot leave your systems unprotected," Liston writes.
In the diary, ISC provides a link to the version of the patch it has examined, including a version designed for unattended installation on corporate systems.
While ISC recognises that corporate users will find it unacceptable to install an unofficial patch, "Acceptable or not, folks, you have to trust someone in this situation," Liston writes.
Quoted from here:
It is worth remembering that due to this vulnerability, the simple act of visiting a website could infect computers, if it contains a malicious WMF, opening the door to Trojans, worms and all types of threats. This vulnerability lies in the way Windows handles WMF (Windows Meta File), so all programs that can process this type of file are affected. These include Internet Explorer, Outlook and Windows Picture and Fax viewer.
In order to protect computers from this threat, as well as ensuring that a malware solution capable of blocking code that can exploit this vulnerability is installed, it is advisable to un-register the DLL associated to this attack, as described at Microsoft.com.
Similarly, although it is not usually recommended to install patches that are not released by the manufacturer of the product, users might want to install the patch released by Ilfak Guilfanov, a prestigious expert in Windows systems, until the Microsoft patch is available. This patch has been tested and recommended by SANS Internet Storm Center, and is available at: this link and this link.
Microsoft's release of the vulnerability
Here is where I initially discovered this. |
|
|
| tw1tch |
I've run into this problem this week, it executed and installed trojans that were a royal pain to remove.
Up to date AVG anti-virus won't help you, Ad-Aware won't help you, Spybot didn't help, nor did MS Antispyware help in finding the trojans that this exploit installed. I went hunting for a specific removal tool for the trojans. Install this temp patch. |
|
|
| DigitalMP |
Thanks, but I don't recommend waiting.
| quote: |
It is worth remembering that due to this vulnerability, the simple act of visiting a website could infect computers, if it contains a malicious WMF, opening the door to Trojans, worms and all types of threats.
|
Uninstall the temp patch when MS makes theirs available. |
|
|
| StereoPrincess |
thanks for the info.
the website you link to download the file doesn't work but the direct link works.
i wanted to read up from the download site first before directly downloading. |
|
|
| DigitalMP |
| quote: | Originally posted by StereoPrincess
thanks for the info.
the website you link to download the file doesn't work but the direct link works.
i wanted to read up from the download site first before directly downloading. |
I guess their server is pretty busy. All that page does anyways is list three alternate download links, and gives a link for others to inquire who are interested in hosting the file.
If you read the other quote links, they have wording straight from Guilfanov. |
|
|
| rabbitjoker |
| Which Windows versions does this effect? |
|
|
| tw1tch |
| quote: | Originally posted by rabbitjoker
Which Windows versions does this effect? |
Pretty much all of them, the 'Windows Platform'. |
|
|
| rabbitjoker |
| quote: | Originally posted by tw1tch
Pretty much all of them, the 'Windows Platform'. |
Bojangles. |
|
|
| CategoryZd |
Huh.
maybe that's why my Win2k system barely runs anymore.
Maybe that's why when I run netstat to see whats eating up my bandwidth it just spits out garbage.
...or maybe I should just lay off the sketchy porno sites... :rolleyes: |
|
|
| VERTiG0 |
| quote: | Originally posted by rabbitjoker
Which Windows versions does this effect? |
Everything from 3.0 up :) |
|
|
| Orko |
| quote: | Originally posted by tw1tch
Pretty much all of them, the 'Windows Platform'. |
You gotta love how MS nolonger provides updates for the other systems either. So if you are running anything other than XP, you are screwed.
I would still be running Win2000 if i had my choice. But I cant because of the lack of updates and game support :whip: |
|
|
|
|
