« Microsoft Dynamics CRM 3.0 – preliminary highlights | Microsoft
Update on severe Windows Security Flaw - What to do to secure your data
January 26, 2006 02:16 PM EST | Microsoft | Email to Friend | Comments (0)
Earlier we warned you about a serious security flaw, so-called "WMF flow." Several days later nearly one hundred different instances of exploitation of this newly discovered vulnerability had been found.
"Desktop users that suffered the effects of the IMF exploit describe it as a devastating experience to find their desktop computers completely taken over by an attacker.“
When it hit, the screen suddenly said, ‘Congratulations, you’re infected!’” said Brad Dinerman, vice president of information technology at MIS Alliance, a professional services outsourcing firm in Newton, Mass. It was clear that the computer running XP was no longer in his control.“
It had root access, it wouldn’t let me log off or do anything,” Dinerman said. He said he ended up having to re-build the machine from scratch. He noted that his machine had been up-to-date in terms of software patches, anti-virus and anti-spyware software. ""...exploit has so many variants that anti-virus firms are having a difficult time keeping up with the exploit’s changes in attack code."
http://www.networkingsmallbusiness.com/news/2006/010306-sans-microsoft-patch.html
It enables clueless newcomers to easily craft highly variable and hard-to-detect variations of image files. Images that take over computers when viewed. And do this on all common Windows platforms. Meaning that there are hundreds of millions of vulnerable computers in the net right now.
http://www.f-secure.com/weblog/archives/archive-012006.html
Current news on the situation, by BlogAutoPublisher support expert:
1. An official WMF Vulnerability update from Microsoft is now available
See more info and patches for various flavors of Windows at: http://www.microsoft.com/technet/security/Bulletin/MS06-001.mspx
Or just go to http://update.microsoft.com/ to pick up the right update automatically.
The patch requires that the PC be rebooted.
2. Microsoft is not fixing Windows 98/ME
Microsoft has now "reclassified" the WMF vulnerability in Windows 95, 98, and ME as non-critical (instead of just fixing it!). This means that it will probably NOT be updated and patched to eliminate the WMF handling vulnerability that those older versions of Windows apparently still have. "Per the support life cycle of these versions, only vulnerabilities of critical severity would receive security updates," the company said.
We urge you to upgrade, if possible, to WinXP which is much more secure and stable Windows version.
3. After applying the Microsoft's patch, go to Start > Run, paste there the following line:regsvr32 shimgvw.dlland press OK. You should see the following message: "DllRegisterServer in shimgvw.dll succeeded.
"All your Windows "picture viewing" capabilities are back to normal now.
Wishing you productive and secure 2006, BlogAutoPublisher Team.
Olga specializes in internet marketing, blogs, RSS feeds. Find out 55 ways to use the Marketer's Blogging Software Olga and her partner recently released: http://blogautopublisher.com
Related Articles
- Microsoft Dynamics CRM 3.0 – preliminary highlights - Oct 11, 2005
- Microsoft Dynamics GP customization tools evolution – overview for consultant - Sep 23, 2005
- Microsoft Dynamics GP: Auto dealership implementation - Sep 23, 2005
- Microsoft CRM Integration with IBM Lotus Notes Domino – machinery dealership example - Sep 16, 2005
- Microsoft Great Plains: Large Scale Implementation - Jul 31, 2005
Comments
Post a comment
Note: Comments will only be posted upon our editor's approval
Thanks for signing in, . Now you can comment. (sign out)
(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)
