WMF - IMPORTANT Warning for all Windows users!
Options
sra
Posts: 4,678 Forumite
in Techie Stuff
Just in case you haven't heard, there has been a lot of talk on techie sites about a very bad vunerability in windows.- Threre are already MANY exploits and all browsers are vunerable
There is a patch here. The red box is microsoft's temporary soloution but instead you could use the unofficial patch in the Green box - Just remember to uninstal this temp patch when MS has an official patch (as it says in the green box)
There is a patch here. The red box is microsoft's temporary soloution but instead you could use the unofficial patch in the Green box - Just remember to uninstal this temp patch when MS has an official patch (as it says in the green box)
0
Comments
-
0
-
0
-
Thanks sra. I have just installed it here on my PC, will be doing the rest later.0
-
sra wrote:Just in case you haven't heard, there has been a lot of talk on techie sites about a very bad vunerability in windows.- Threre are already MANY exploits and all browsers are vunerable
There is a patch here (unlinked sjb). The red box is microsoft's temporary soloution but instead you could use the unofficial patch in the Green box - Just remember to uninstal this temp patch when MS has an official patch (as it says in the green box)
Apologies if this has been mentioned before - With New Year haven't been able to keep as up to date as usual.
IMHO you are a very brave man to offer such advice to the whole of the MSE readership. Those know-nothings at Microsoft offer http://www.microsoft.com/technet/security/advisory/912840.mspxWhat’s Microsoft’s response to the availability of third party patches for the WMF vulnerability?
Microsoft recommends that customers download and deploy the security update for the WMF vulnerability that we are targeting for release on January 10, 2006.
As a general rule, it is a best practice to utilize security updates for software vulnerabilities from the original vendor of the software. With Microsoft software, Microsoft carefully reviews and tests security updates to ensure that they are of high quality and have been evaluated thoroughly for application compatibility. In addition, Microsoft’s security updates are offered in 23 languages for all affected versions of the software simultaneously.
Microsoft cannot provide similar assurance for independent third party security updates.
I have no opinion or advice on the matter (but have installed the unoficial patch and unregistered the dll, and am keeping a weather eye on other forums).
SJB0 -
You'll have to wait a week for the official patch
http://www.theregister.co.uk/2006/01/03/wmf_workaround/
0 -
do you know if there are any mirrors for that Russian guy's patch? - I should have done it when you first posted it0
-
redux wrote:do you know if there are any mirrors for that Russian guy's patch? - I should have done it when you first posted it
There is an alternative link at the top of Grc now but that page sometimes times out - Just about every security site (apart from Microsoft) is recommending it so it's getting swamped0 -
I came accross an article over this exploit. AV-test.org ran all 73 known variants of this exploit against a range of antivirus programs to see which were being kept up to date against this exploit. I was most amazed at the result of Kaspersky.
Here's the list.............
AV-Test which tests anti-malware products, has been tracking the situation closely and has, so far, analyzed 73 variants of malicious WMF files. Products from the following companies have identified all 73:
* Alwil Software (Avast)
* Softwin (BitDefender)
* ClamAV
* F-Secure Inc.
* Fortinet Inc.
* McAfee Inc.
* ESET (Nod32)
* Panda Software
* Sophos Plc
* Symantec Corp.
* Trend Micro Inc.
* VirusBuster
These products detected fewer variants:
* 62 — eTrust-VET
* 62 — QuickHeal
* 61 — AntiVir
* 61 — Dr Web
* 61 — Kaspersky
* 60 — AVG
* 19 — Command
* 19 — F-Prot
* 11 — Ewido
* 7 — eSafe
* 7 — eTrust-INO
* 6 — Ikarus
* 6 — VBA32
* 0 — NormanHow many surrealists does it take to change a lightbulb?
...
...
...
...
Fish0 -
That puts an interesting spin on the perennial Avast vs AVG, better of the free argument.
:cool:
TOG604!0 -
Toxteth_OGrady wrote:That puts an interesting spin on the perennial Avast vs AVG, better of the free argument.
:cool:
TOG
lol......I saw that too, but I didn't want to upset anyone by pointing this out.How many surrealists does it take to change a lightbulb?
...
...
...
...
Fish0
This discussion has been closed.
Categories
- All Categories
- 343.7K Banking & Borrowing
- 250.2K Reduce Debt & Boost Income
- 449.9K Spending & Discounts
- 235.8K Work, Benefits & Business
- 608.9K Mortgages, Homes & Bills
- 173.3K Life & Family
- 248.4K Travel & Transport
- 1.5M Hobbies & Leisure
- 15.9K Discuss & Feedback
- 15.1K Coronavirus Support Boards