WMF Exploit Workaround and Verifier - Microsoft to Release Patch January 10

January 3rd 2006 | Microsoft

On Tuesday, December 27, 2005, Microsoft became aware of public reports of malicious attacks on some customers involving a previously unknown security vulnerability in the Windows Meta File (WMF) code area in the Windows platform.

Microsoft has completed development of the security update for the vulnerability. The security update is now being localized and tested to ensure quality and application compatibility. Microsoft’s goal is to release the update on Tuesday, January 10, 2006, as part of its monthly release of security bulletins. This release is predicated on successful completion of quality testing.

In addition, anti-virus companies indicate that attacks based on exploiting the WMF vulnerability are being effectively mitigated through up-to-date signatures.

Customers are encouraged to keep their anti-virus software up-to-date. The Microsoft Windows AntiSpyware (Beta) can also help protect your system from spyware and other potentially unwanted software. Customers can also visit Windows Live Safety Center and are encouraged to use the Complete Scan option to check for and remove malicious software that takes advantage of this vulnerability. We will continue to investigate these public reports.

Microsoft Security Advisory (912840) - Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution

envoid: There’s a workaround and verifier at hexblog.com. Seems to catch at least one of the possibly many exploits involved in this and disables it. All you need for this exploit is a webpage with a mod’d wmf on it (maybe even in an ad) and this exploit is complete. Verified it on my server. Agree with WhiteDragon to unregister that DLL. The two together seem to work well.

whitedragon: Quick temp fix, disable the WMF handler .dll. You may have a problem with not all thumbs loading, but I’ve had no issues on Firefox 1.5.

- Open a command window (Start->Run, type cmd, press enter)
- Type regsvr32 /u shimgvw.dll, then press enter.
To restore image preview:
- regsvr32 shimgvw.dll

nForcersHQ Forum - Windows 0-day WMF Exploit

Published in: Microsoft on 2006-01-03