Computer Information & Shopping

News-Blogs.com

« Microsoft Dynamics CRM 3.0 – preliminary highlights | Microsoft

Update on severe Windows Security Flaw - What to do to secure your data

January 26, 2006 02:16 PM EST | Microsoft | Email to Friend | Comments (0)

Earlier we warned you about a serious security flaw, so-called "WMF flow." Several days later nearly one hundred different instances of exploitation of this newly discovered vulnerability had been found.
"Desktop users that suffered the effects of the IMF exploit describe it as a devastating experience to find their desktop computers completely taken over by an attacker.“

When it hit, the screen suddenly said, ‘Congratulations, you’re infected!’” said Brad Dinerman, vice president of information technology at MIS Alliance, a professional services outsourcing firm in Newton, Mass. It was clear that the computer running XP was no longer in his control.“

It had root access, it wouldn’t let me log off or do anything,” Dinerman said. He said he ended up having to re-build the machine from scratch. He noted that his machine had been up-to-date in terms of software patches, anti-virus and anti-spyware software. ""...exploit has so many variants that anti-virus firms are having a difficult time keeping up with the exploit’s changes in attack code."

http://www.networkingsmallbusiness.com/news/2006/010306-sans-microsoft-patch.html

It enables clueless newcomers to easily craft highly variable and hard-to-detect variations of image files. Images that take over computers when viewed. And do this on all common Windows platforms. Meaning that there are hundreds of millions of vulnerable computers in the net right now.

http://www.f-secure.com/weblog/archives/archive-012006.html

Current news on the situation, by BlogAutoPublisher support expert:

1. An official WMF Vulnerability update from Microsoft is now available
See more info and patches for various flavors of Windows at: http://www.microsoft.com/technet/security/Bulletin/MS06-001.mspx

Or just go to http://update.microsoft.com/ to pick up the right update automatically.

The patch requires that the PC be rebooted.

2. Microsoft is not fixing Windows 98/ME
Microsoft has now "reclassified" the WMF vulnerability in Windows 95, 98, and ME as non-critical (instead of just fixing it!). This means that it will probably NOT be updated and patched to eliminate the WMF handling vulnerability that those older versions of Windows apparently still have. "Per the support life cycle of these versions, only vulnerabilities of critical severity would receive security updates," the company said.

We urge you to upgrade, if possible, to WinXP which is much more secure and stable Windows version.

3. After applying the Microsoft's patch, go to Start > Run, paste there the following line:regsvr32 shimgvw.dlland press OK. You should see the following message: "DllRegisterServer in shimgvw.dll succeeded.

"All your Windows "picture viewing" capabilities are back to normal now.

Wishing you productive and secure 2006, BlogAutoPublisher Team.

Olga specializes in internet marketing, blogs, RSS feeds. Find out 55 ways to use the Marketer's Blogging Software Olga and her partner recently released: http://blogautopublisher.com

Related Products or Information

Comments

Post a comment

Note: Comments will only be posted upon our editor's approval

Thanks for signing in, . Now you can comment. (sign out)

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)


Remember me?


Email to a Friend

Email this entry to:


Your email address:


Message (optional):