Re: WMF Vulnerability, Info.

---

• From: "jopa66" <jopa66-nospam@xxxxxxxxxxx>
• Date: Tue, 3 Jan 2006 21:42:00 -0500

---

Official WMF Vulnerability updates expected from Microsoft next Tuesday,
January 10th.

More info and TEMPORARY patch available here:
http://www.grc.com/sn/notes-020.htm

quote: "This safely and "dynamically patches" the vulnerable function in
Windows to neuter it and, after rebooting, renders any Windows 2000, XP,
64-bit XP and 2003 systems completely invulnerable to exploitation of the
Windows Metafile vulnerability."

--
~john aka: jopa



"MAP" <mikepawlak2REM@xxxxxxxxxxxxxx> wrote in message
news:enpJac%23DGHA.2892@xxxxxxxxxxxxxxxxxxxxxxx

Hello all,
A short time ago while surfing I was redirected to a site that tried to
install this
"POS", fortunately NOD32 stopped it (I have my av set up to ask me what to
do) when I clicked on delete the warning popup was gone and their was
another window, the familiar download window (open,save,cancel) which
clearly identified a wmf file awaiting download, my point is that if you
change your internet security custom levels to something more secure you
might not get infected with this,if you are paying attention.
My settings are as follows.


To help stop unauthorized downloads via your active x controls change your
default settings.
These settings are good for XP. The wording should be close for other
systems
as well.
Go to control panel and open "internet options".
Click on the security tab then custom level.
make sure these settings are as follows.

Download signed active x controls>set to prompt
Download unsigned active x controls>set to disable
Initialize and script active x controls not marked as safe>set to disable
Run active x controls and pluggins>set to enable
Script active x controls marked safe for scripting>set to enable
Java permissions>set to high
Launching programs and files in a IFRAME" > Prompt
Installation of Desktop items"> Prompt
Navigate sub-frames across different domains>prompt

Any comment is welcomed!

--
Mike Pawlak


.

---

• Follow-Ups:
  • Re: WMF Vulnerability, Info.
    • From: Phil Wright

• Prev by Date: Re: Protect Your PC Today & Save $20
• Next by Date: Re: Protect Your PC Today & Save $20
• Previous by thread: Re: WMF Vulnerability, Info.
• Next by thread: Re: WMF Vulnerability, Info.
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: WMF Vulnerability, Info. ... -Our page with some details about the MSI re-packaged installer. ... > Windows to neuter it and, after rebooting, renders any Windows 2000, XP, ... > clearly identified a wmf file awaiting download, my point is that if you ... > To help stop unauthorized downloads via your active x controls change your ... (microsoft.public.security.virus) Re: Cant download updates ... No EULA, no download nothing. ... > Recheck your Security & Privacy settings AND the ADVANCED settings ... > Windows Update Troubleshooter at MS ... I'm wondering if this is a server issue. ... (microsoft.public.windowsxp.general) Re: PestPatrol ... Most of the malware gets on a system these days via your active X settings ... Download signed active x controls>set to prompt ... Download unsigned active x controls>set to disable ... Initialize and script active x controls not marked as safe>set to disable ... (microsoft.public.windowsxp.security_admin) Re: WMF Vulnerability, Info. ... Open files based on content, ... clearly identified a wmf file awaiting download, my point is that if you ... My settings are as follows. ... To help stop unauthorized downloads via your active x controls change your ... (microsoft.public.security.virus) Re: Ideas on obtaining old controls? ... I am familiar with these controls as I have used them before. ... need them to get this package operational again so I can move ahead. ... >> talked to MS and they are not available as a download anymore. ... They were licensed for inclusion with Windows as part of Imaging ... (microsoft.public.vb.controls)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(16)