![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
misterxI'm putting it behind a cut tag because it's long, but you need to read this to protect yourselves. Microsoft will not be releasing a patch until the 10th.
Some researchers are suggesting this may be the most widely spread windows vulnerability ever.
Short description of the problem:
.wmf files are a type of graphic recognized by Windows. The software that handles these files in Windows has a bug that lets malicious persons run anything they want on your system. Merely viewing the graphic in a webpage, from an email, or from your hard drive is enough to trigger the exploit. Viewing it as a thumbnail image will trigger it, and having it indexed by something like Google Desktop Search will trigger it. It's very nasty. The .wmf files can be renamed to have any file extension, and the exploit will still work, so don't think avoiding .wmf files make you safe. It can be in anything. What will happen when it is triggered depends on the payload the hacker inserted. It could do anything, no telling.
Short description of the fix options:
1. Keep your antivirus up to date. This will help, but exploits are still slipping past. The antivirus vendors don't have their detection fully in place yet.
2. "Unregister" the vulnerable application within windows. This breaks the association between the filetype and the vulnerable program, making it harder (but not impossible) for attacks to succeed. ***Note: this means that double clicking on an image associated with the Fax and Picture viewer will not start the viewer, and your system will no longer display image thumbnails.*** To unregister the app, do the following:
Click Start, click Run, copy and paste the following line:
regsvr32 -u %windir%\system32\shimgvw.dll
and then click OK. You should recieve confirmation that you have unregistered the dll.
This can be reversed later, after a patch is applied, with
regsvr32 %windir%\system32\shimgvw.dll
3. ***note: this is not officially recommended by Microsoft, but security researchers such as the ISC (internet storm center) at Sans.org, and F-secure recommend this as a course of action, lacking an offical patch from microsoft***
Install an unofficial patch. It has been tested extensively by the ISC and others, and prevents exploitation without changing functionality of thumbnails and images within windows.
Link: http://handlers.sans.org/tliston/WMFHotfix-1.1.14.msi
Learn more / References
http://isc.sans.org/ (good FAQ about it, scroll down)
http://www.f-secure.com/weblog/
http://www.kb.cert.org/vuls/id/181038 (many more reference links here)
http://www.microsoft.com/technet/security/advisory/912840.mspx
Some researchers are suggesting this may be the most widely spread windows vulnerability ever.
Short description of the problem:
.wmf files are a type of graphic recognized by Windows. The software that handles these files in Windows has a bug that lets malicious persons run anything they want on your system. Merely viewing the graphic in a webpage, from an email, or from your hard drive is enough to trigger the exploit. Viewing it as a thumbnail image will trigger it, and having it indexed by something like Google Desktop Search will trigger it. It's very nasty. The .wmf files can be renamed to have any file extension, and the exploit will still work, so don't think avoiding .wmf files make you safe. It can be in anything. What will happen when it is triggered depends on the payload the hacker inserted. It could do anything, no telling.
Short description of the fix options:
1. Keep your antivirus up to date. This will help, but exploits are still slipping past. The antivirus vendors don't have their detection fully in place yet.
2. "Unregister" the vulnerable application within windows. This breaks the association between the filetype and the vulnerable program, making it harder (but not impossible) for attacks to succeed. ***Note: this means that double clicking on an image associated with the Fax and Picture viewer will not start the viewer, and your system will no longer display image thumbnails.*** To unregister the app, do the following:
Click Start, click Run, copy and paste the following line:
regsvr32 -u %windir%\system32\shimgvw.dll
and then click OK. You should recieve confirmation that you have unregistered the dll.
This can be reversed later, after a patch is applied, with
regsvr32 %windir%\system32\shimgvw.dll
3. ***note: this is not officially recommended by Microsoft, but security researchers such as the ISC (internet storm center) at Sans.org, and F-secure recommend this as a course of action, lacking an offical patch from microsoft***
Install an unofficial patch. It has been tested extensively by the ISC and others, and prevents exploitation without changing functionality of thumbnails and images within windows.
Link: http://handlers.sans.org/tliston/WMFHotfix-1.1.14.msi
Learn more / References
http://isc.sans.org/ (good FAQ about it, scroll down)
http://www.f-secure.com/weblog/
http://www.kb.cert.org/vuls/id/181038 (many more reference links here)
http://www.microsoft.com/technet/security/advisory/912840.mspx
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
no subject
on 2006-01-03 08:51 pm (UTC)no subject
on 2006-01-04 02:39 am (UTC)no subject
on 2006-01-04 01:22 pm (UTC)no subject
on 2006-01-04 02:18 am (UTC)Do you have any suggestions on what to look for? Michelle has a fuji camera and after playing with it tonight we realized that if you mess with the "shutter speed" it take pictures quicker. I just want a nice easy camera that is under $300 bucks. Any suggestions?
I am also looking for a video camera and there are sooooo many my mind is completly boggled.
no subject
on 2006-01-04 02:37 am (UTC)With many digicams, it's just a matter of learning a bit about the camera to make it take faster pics. The more decisions the camera has to make, the slower it is.
So, shooting on full-auto mode is the slowest. Which is probably what you've been experiencing.
Try presetting the ISO value to something midrange (200 or 400), and fixing the shutter speed to 1/50 or better. That should remove a couple decisions from the picture taking process. All it has to do is focus and adjust aperature then.
An alternative method is to point the cam at your subject and hold the shutter button halfway down, and then snap when the moment is right. On most cams, depressing the button halfway makes it decide on all it's settings, so it fires instantly on the full press. I do this a lot when shooting pics of the kids. Doesn't work so well when they are older, because they move too much and change the focal distance, but babies are a fairly immobile lot, and work well with this technique.
Wait... it's a baby. Maybe you want something waterproof, like a Pentax Optio WPi? ;)
no subject
on 2006-01-04 04:52 am (UTC)well, the first half of the last line!
So so you think that canon is the best camera? the s80 is about 500 bucks so it is out of my price range. I might just have to wait till some of the good ones come down in price.
In the meantime if you ever happen to be looking in the paper at the ads and see a camera and think "golly, that is a nice camera for a beginner" give me a shout!
hugs!
no subject
on 2006-01-05 03:43 am (UTC)no subject
on 2006-01-04 02:38 am (UTC)no subject
on 2006-01-04 04:58 am (UTC)I used to make fun of people that got kinda stupid when they had kids. Karma is kicking my ass on this one! It is like my brain has decided to only operate at half mast. I am really hoping it comes back by the time the baby is here!
How do I know if I have the problem? I use trend pc-cillian and it updates almost everyday so I hope that gets it.
no subject
on 2006-01-05 03:41 am (UTC)http://handlers.sans.org/tliston/WMFHotfix-1.1.14.msi
no subject
on 2006-01-05 03:36 am (UTC)no subject
on 2006-01-05 03:40 am (UTC)