Bits from Bill

Technology thoughts leaking from the brain of "Bill Pytlovany"

Friday, December 30, 2005

Why is Zero-Day WMF Exploit such a big deal?

YES, we’re making a big deal out of this flaw in Windows XP and Windows 2003 server.

NO, the AntiSpyware company’s are not creating Spyware so you’ll buy our products.

If anything this new problem shows how none of the security programs on the market can protect you 100% and I doubt they ever will. 

The solution to this problem isn’t to purchase my software or anyone else’s. It’s simple and you should do it immediately.

Click on the Start button and select “Run…”.
Type or copy/paste the following
regsvr32 /u shimgvw.dll” and click OK
This will unregister the file with the flaw which also displays thumbnail views in Windows Explorer. The file will not be deleted.
Also,  don’t use MSPaint which is included with Windows.

Why is this such a big deal??

1)  As I said, no security software available will stop this threat. Some will contain it, but the actual infection can occur by just viewing an Email or web page. You don’t have to download anything. Just viewing a document with a hacked image will infect you, period.

2)  An example of the programming code that allows this hack has been widely distributed and is still available online.  That means a twelve year old with some computer skills can replicate his own version and put it out on the web. It could be in an Email, an EBay sale page, forum message, anywhere.

Microsoft has acknowledged the problem and I suspect some folks in Redmond won’t be at home this weekend. 
                                       Microsoft Security Advisory (912840)
Once Microsoft has a fix available you can re-register the shimgvw.dll by typing the same command above without the /u.  
regsvr32  shimgvw.dll”.



Share on Facebook


Post a Comment

<< Home