Re: WMF Vulnerability, Info.
- From: "Phil Wright" <phil.dev@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 4 Jan 2006 17:23:19 -0500
-Our page with some details about the MSI re-packaged installer.
http://accentconsulting.com/wmf.shtml
-Author's official website http://www.hexblog.com/ (due to load, his
site was moved to a different server last night, if the previous link comes
up with an error page, use this link http://216.227.222.95/)
-Well wrote description of the problem and links to the author's website
http://www.grc.com/sn/notes-020.htm
Phil Wright
Accent Consulting Services, LLC
"jopa66" <jopa66-nospam@xxxxxxxxxxx> wrote in message
news:u5aV9iNEGHA.2300@xxxxxxxxxxxxxxxxxxxxxxx
> Official WMF Vulnerability updates expected from Microsoft next Tuesday,
> January 10th.
>
> More info and TEMPORARY patch available here:
> http://www.grc.com/sn/notes-020.htm
>
> quote: "This safely and "dynamically patches" the vulnerable function in
> Windows to neuter it and, after rebooting, renders any Windows 2000, XP,
> 64-bit XP and 2003 systems completely invulnerable to exploitation of the
> Windows Metafile vulnerability."
>
> --
> ~john aka: jopa
>
>
>
> "MAP" <mikepawlak2REM@xxxxxxxxxxxxxx> wrote in message
> news:enpJac%23DGHA.2892@xxxxxxxxxxxxxxxxxxxxxxx
>
> Hello all,
> A short time ago while surfing I was redirected to a site that tried to
> install this
> "POS", fortunately NOD32 stopped it (I have my av set up to ask me what
> to do) when I clicked on delete the warning popup was gone and their was
> another window, the familiar download window (open,save,cancel) which
> clearly identified a wmf file awaiting download, my point is that if you
> change your internet security custom levels to something more secure you
> might not get infected with this,if you are paying attention.
> My settings are as follows.
>
>
> To help stop unauthorized downloads via your active x controls change your
> default settings.
> These settings are good for XP. The wording should be close for other
> systems
> as well.
> Go to control panel and open "internet options".
> Click on the security tab then custom level.
> make sure these settings are as follows.
>
> Download signed active x controls>set to prompt
> Download unsigned active x controls>set to disable
> Initialize and script active x controls not marked as safe>set to disable
> Run active x controls and pluggins>set to enable
> Script active x controls marked safe for scripting>set to enable
> Java permissions>set to high
> Launching programs and files in a IFRAME" > Prompt
> Installation of Desktop items"> Prompt
> Navigate sub-frames across different domains>prompt
>
> Any comment is welcomed!
>
> --
> Mike Pawlak
>
.
- References:
- Re: WMF Vulnerability, Info.
- From: jopa66
- Re: WMF Vulnerability, Info.
- Prev by Date: Re: What is a good free antivirus protection program? Is AVG a good free program?
- Next by Date: Re: What is a good free antivirus protection program? Is AVG a good free program?
- Previous by thread: Re: WMF Vulnerability, Info.
- Next by thread: Spywareblaster
- Index(es):
Relevant Pages
|
