Wait for Windows patch opens attack window

  • Thread starter Thread starter Jim
  • Start date Start date
J

Jim

Read all about it at CNN...
http://news.com.com/Wait+for+Window...window/2100-1002_3-6016747.html?tag=nefd.lede

Download the unofficial patch at

http://castlecops.com/a6436-Newest_WMF_Exploit_Patch_Saves_the_Day.html
(http://castlecops.com/t143213-Hexblog_WMF_FAQ.html)

http://handlers.sans.org/tliston/wmffix_hexblog14.exe
(this is a direct link to the executable - there's nothing on his index
page)

http://sunbeltblog.blogspot.com/2006/01/alternate-download-for-unofficial.html

The original webpage has evidentally been overwhelmed with all of the
traffic requesting the patch.

Jim
 
Jim: That is *not* a CNN link ;-)

Tom
| Read all about it at CNN...
|
http://news.com.com/Wait+for+Window...window/2100-1002_3-6016747.html?tag=nefd.lede
|
| Download the unofficial patch at
|
| http://castlecops.com/a6436-Newest_WMF_Exploit_Patch_Saves_the_Day.html
| (http://castlecops.com/t143213-Hexblog_WMF_FAQ.html)
|
| http://handlers.sans.org/tliston/wmffix_hexblog14.exe
| (this is a direct link to the executable - there's nothing on his index
| page)
|
|
http://sunbeltblog.blogspot.com/2006/01/alternate-download-for-unofficial.html
|
| The original webpage has evidentally been overwhelmed with all of the
| traffic requesting the patch.
|
| Jim
|
|
 
I disagree. The most important way a person protects themselves is by keeping up with the latest news about threats and then exercising good judgement while on the internet.

Install an "unofficial patch" on my computer? Not a chance.

Steven
 
I disagree. The most important way a person protects themselves is by
keeping up with the latest news about threats and then exercising good
judgement while on the internet.

Install an "unofficial patch" on my computer? Not a chance.

Steven

Jim said:
Read all about it at CNN...
http://news.com.com/Wait+for+Window...window/2100-1002_3-6016747.html?tag=nefd.lede

Download the unofficial patch at

http://castlecops.com/a6436-Newest_WMF_Exploit_Patch_Saves_the_Day.html
(http://castlecops.com/t143213-Hexblog_WMF_FAQ.html)

http://handlers.sans.org/tliston/wmffix_hexblog14.exe
(this is a direct link to the executable - there's nothing on his index
page)

http://sunbeltblog.blogspot.com/2006/01/alternate-download-for-unofficial.html

The original webpage has evidentally been overwhelmed with all of the
traffic requesting the patch.

The posted patch does NOT work for Win 9x systems anyhow (and AFAIK, it
won't install either) - since the files involved are somewhat different,
although their effect is similar.

I know of no effective 'prophylactic' for Win9x systems as of this time.

--
Noel Paton (MS-MVP 2002-2006, Windows)

Nil Carborundum Illegitemi
http://www.crashfixpc.com/millsrpch.htm

http://tinyurl.com/6oztj

Please read on how to post messages to NG's
 
[snip]

As clearly stated Ilfak Guilfanov's temporary fix is only for Win
2000, XP, 64-bit XP, and 2003 server. There is _no_ fix now for
98/SE/ME (though it's expected MS will issue one on or about Jan. 10).
So why are you posting on 98 and ME newsgroups?

--
Luke
______________________________________________________________________
"Warrants? We ain't got no warrants. We don't need no warrants. I
don't have to show you any stinkin' warrants."
-- George W. Bush, December 18, 2005
 
M said:
I disagree. The most important way a person protects themselves is by keeping up with the latest news about threats and then exercising good judgement while on the internet.

Install an "unofficial patch" on my computer? Not a chance.

Steven

I agree with your first statement, but not your second.

By this definition ("non-Microsoft-issued"), my CD-burning software, my
printer software, my antivirus, and my browser are "unofficial". That
doesn't mean they're evil - just that good judgement must be used in
their installation. Which leads back to your first statement :-)
 
Because Win98/me users are usually also XP users at work and other places.

This is an attempt to spread the word about the WMF exploit and the
available patch as far, and as quickly, as possible to minimize its impact
on the global PC community.

The Win98/me users are also affected and need to know what is happening that
will affect them.

I wish I had a link to a patch for sub-XP users, but I don;t know of any at
this time.

Jim

Luke said:
[snip]

As clearly stated Ilfak Guilfanov's temporary fix is only for Win
2000, XP, 64-bit XP, and 2003 server. There is _no_ fix now for
98/SE/ME (though it's expected MS will issue one on or about Jan. 10).
So why are you posting on 98 and ME newsgroups?

--
Luke
______________________________________________________________________
"Warrants? We ain't got no warrants. We don't need no warrants. I
don't have to show you any stinkin' warrants."
-- George W. Bush, December 18, 2005
 
Jim said:
Because Win98/me users are usually also XP users at work and other places.

This is an attempt to spread the word about the WMF exploit and the
available patch as far, and as quickly, as possible to minimize its impact
on the global PC community.

The Win98/me users are also affected and need to know what is happening that
will affect them.

I wish I had a link to a patch for sub-XP users, but I don;t know of any at
this time.

http://blogs.zdnet.com/Spyware/index.php?p=738


WMF vulnerability patch and more good news Posted by Suzi Turner @ 9:30 am


An unofficial patch has been written by programmer Ilfak Guilfanov. It
works in my tests. Get it here. Uninstall it before installing the
Microsoft patch due on January 10. There's is also a vulnerability checker
here. Guilfanov's blog must be getting heavy traffic — the pages are not
opening for me now. You can also download the patch at SANS. SANS also has
a WMF FAQ.

Initially it was thought that all versions of Windows are vulnerable. Now
several sources are saying that older versions are not vulnerable after all.
..






 
Pre-XP operating systems do not have the WMF file association that XP+
systems do.....

"It is true, as F-Secure says, that all versions of Windows back to 3.0 have
the vulnerability in GDI32. But most versions of Windows are not quite as
vulnerable as they appear. Except for Windows XP and Windows Server 2003, no
Windows versions, in their default configuration, have a default association
for WMF files, and none of their Paint programs or any other standard
programs installed with them can read WMF files. One ironic point to
conclude is that not until their most recent operating system versions did
Microsoft include a default handler - the Windows Picture and Fax Viewer -
for what has been, for years, an obsolete file format. And now it comes back
to bite them." -
http://blog.ziffdavis.com/seltzer/archive/2006/01/03/39684.aspx



JAD said:
Jim said:
Because Win98/me users are usually also XP users at work and other
places.

This is an attempt to spread the word about the WMF exploit and the
available patch as far, and as quickly, as possible to minimize its
impact
on the global PC community.

The Win98/me users are also affected and need to know what is happening that
will affect them.

I wish I had a link to a patch for sub-XP users, but I don;t know of any at
this time.

http://blogs.zdnet.com/Spyware/index.php?p=738


WMF vulnerability patch and more good news Posted by Suzi Turner @ 9:30 am


An unofficial patch has been written by programmer Ilfak Guilfanov. It
works in my tests. Get it here. Uninstall it before installing the
Microsoft patch due on January 10. There's is also a vulnerability
checker
here. Guilfanov's blog must be getting heavy traffic - the pages are not
opening for me now. You can also download the patch at SANS. SANS also
has
a WMF FAQ.

Initially it was thought that all versions of Windows are vulnerable. Now
several sources are saying that older versions are not vulnerable after
all.
.






 
I'm outta here.

I have shown you what I know about the patch and protecting yourselves. I
have projects to get out and must concentrate on them at this time.

Ultimately (in PCs as in life), your seurity is in your hands. Do your
research. Listen to whom you trust.

I wish you all the very best in this new year.

Have fun and be safe.

Jim
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Back
Top