https://mg.to/2006/01/03/worst-windows-security-flaw-yet Comments for "Worst Windows security flaw yet (updated)" en https://mg.to/2006/01/03/worst-windows-security-flaw-yet <p><strong>Update:</strong> Microsoft has now released their <a href="https://www.microsoft.com/technet/security/Bulletin/MS06-001.mspx">official patch</a> for the Windows Metafile security flaw. For detailed information, see the <a href="https://isc.sans.org/diary.php?storyid=1019">ISC report</a>.</p> <hr /> <p>(outdated content from 2006-01-03)</p> <p>In case you don&#8217;t already know about it, the new Windows Metafile security flaw is a nasty one. Do not wait for the <a href="https://www.microsoft.com/technet/security/advisory/912840.mspx">Microsoft patch</a> due next week. Protect your system now with Ilfak Guilfanov&#8217;s <a href="https://isc.sans.org/diary.php?storyid=999">unofficial patch</a>. After installing the patch, you can <a href="https://isc.sans.org/diary.php?storyid=1006">test your system</a> to confirm that the bug is fixed. (Click on the Kevin Gennuso link on that page to open a .wmf file that attempts to start calc.exe. If you get a normal Windows Picture and Fax Viewer window instead of calc.exe, you are good to go.)</p> <p>After Microsoft&#8217;s official patch is released, you can uninstall the unofficial patch.</p> <p>I didn&#8217;t review the code for the unofficial patch, but people who did review it describe how it works in the <a href="https://isc.sans.org/diary.php?storyid=994">WMF FAQ</a>. The patch works just the way I would have coded it myself.</p> <p>The FAQ also recommends unregistering shimgvw.dll in addition to the patch. I don&#8217;t think this is necessary, but it wouldn&#8217;t hurt.</p> https://mg.to/2006/01/03/worst-windows-security-flaw-yet#comments Windows Tue, 03 Jan 2006 04:18:02 +0000 Michael Geary 120 at https://mg.to