«
»

SANS on WMF – Trust us

Print This Post Print This Post


January 1st, 2006

Interesting and accurate entry from Tom Liston in the SANS Internet Storm Center blog on the WMF exploit:

To the best of my knowledge, over the past 5 years, this rag-tag group of volunteers hasn't asked for your trust: we've earned it.  Now we're going to expend some of that hard-earned trust:

This is a bad situation that will only get worse.  The very best response that our collective wisdom can create is contained in this advice - unregister shimgvw.dll and use the unofficial patch.  You need to trust us.

I couldn't agree more!  Details on how to uninstall the DLL appears here while details of the patch are here.

It sounds like bad news from Microsoft too:

The word from Redmond isn't encouraging.  We've heard nothing to indicate that we're going to see anything from Microsoft before January 9th.  

The response so far from antivirus companies to the 2nd generation WMF threat isn't all that good either.

Technorati Tags: ,

Share and Enjoy:
  • Digg
  • del.icio.us
  • Reddit
  • Google Bookmarks
  • Live
  • Slashdot
  • Technorati

This entry was posted on Sunday, January 1st, 2006 at 17:08 and is filed under Stay Secure. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.

2 Responses to “SANS on WMF – Trust us”

  1. Polarman Says:
    January 1st, 2006 at 21:51

    Urgent WMF exploit

    What Microsoft should do about the WMF exploit: · Use automatic update to immediately unregister the shimgvw DLL. When they’ve fixed the problem, they can turn it back on. · Negotiate to use the current fix of Ilfak Guilfanov’s. Pay

  2. Polarman Says:
    January 1st, 2006 at 22:22

    Urgent: WMF exploit

    Unfortunately there was a zero-day exploit found in the last few days. This means that Microsoft hasn’t patched it and the bad guys are already using it to completely take over computers. It’s publicly available on how to take over