Re: Huge Microsoft flaw concerning image files...


 



R V wrote:

I saw this article at
http://news.ft.com/cms/s/0d644d5e-7bb3-11da-ab8e-0000779e2340.html
I own a Mac :), but want to make everybody aware of this PC problem.
Be careful and good luck,

I've got to second that. Note that it doesn't affect PCs, just PCs running a Microsoft OS. Those running Linux are also secure.

Here's a copy of an email I sent to my acquaintances that may be of some use to people here. Please excuse me if this email doesn't mention exactly what's at risk; the people it was originally sent to run only MS :-)

Steve

- - - - - - - - - - - - - - - - - - -

*************************************************
If this message sounds like gobbledygook to you, then get the opinion of someone you know to be an expert. DO NOT pass it on to everyone you know unless you can personally vouch for what I say.

If you're reading this on your employer's computer -- DON'T DO ANYTHING YOURSELF. Speak to your technical support people (who may have already taken action).

Please also note that I'm not prepared to do this to everyone's machines, nor am I prepared to clean up if you get bitten by the exploit.
*************************************************

I never send you warnings about viruses, but... this one is different. :-(

Somebody, just after Christmas 2005, discovered that they could make a special image, and when your Windows PC tries to process it, an error causes your system to become vulnerable to infection with spyware, viruses, etc.

If you're lucky your virus scanner or anti-spyware software will catch the resulting infection sooner or later, but *not* the means for you to become infected.

These "special" images started off being on a few (ummm) questionable web sites, but now they're appearing in a host of other places and it's not inconceivable you'll just come across one as you're browsing (or possibly sent to you in a spam email).

MS have not yet (as of 4 Jan 2006) issued a patch. When they do, that will probably be the best fix. However the exploits for this are getting quite common.

So, the question is...

Have you done this:

Start->Run-> "regsvr32 -u %windir%\system32\shimgvw.dll"
(don't type the quotes)

to all the Win XP/2003 machines you have access to yet? If not, then it's time to do it now.

(a side effect is that thumbnails won't be displayed in Windows any more -- you'll have to live with this until MS issues a proper fix)

An even more unusual suggestion is to install the unofficial patch:

http://www.hexblog.com/security/files/wmffix_hexblog13.exe

This is real. You'll not have me sending out warnings very often. I heard about this from a number of reliable sources (slashdot, groklaw, etc) a couple of days ago (just after Christmas 2005) and I have verified some of the details at the various antivirus sites.

One example is

http://www.f-secure.com/weblog/archives/archive-122005.html

Use google to find more recent information:

http://news.google.com.au/news?hl=en&ned=au&q=wmf+microsoft+exploit&btnG=Search+News

Steve

P.S. I think I've sent out 2 warnings like this to my acquaintances in the past 10 years, so if you didn't like receiving this, email me in the next five years or so and I'll try to remember the next time I send one.


