Re: what is your advice to your users

[Todd Kisida <tkisida () DCP UFL EDU>]

I'm deploying the unofficial patch via Group Policy with V. Suuronen's
msi.  Apparently the msi is not perfect, but hopefully it'll help.
Probably will need to sneaker net the wmffix_hexblog13.exe tomorrow.

I'm also attempting to unregister shimgvw.dll via login script.  MS
states the need for admin rights, but regsvr32 reports success as a
User.  Being a design school I can't have this dll inactive for long,
but I'm hoping to buy some time.

I'm not convinced of the effectiveness of either solution, but hopefully
they can decrease the attack surface at least a bit.

--
Todd Kisida
Director of Information Technology
University of Florida
College of Design, Construction and Planning
142 Architecture Building
P.O. Box 115701 Gainesville, FL 32611
Voice (352) 392-4836 ext. 316 Fax (352) 392-7266
Email: tkisida () dcp ufl edu 


> -----Original Message-----
> From: Ken Connelly [mailto:Ken.Connelly () UNI EDU] 
> Sent: Monday, January 02, 2006 11:24 AM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: Re: [SECURITY] what is your advice to your users
>
> Yes, I have suggested that local Windows admins install this 
> unofficial patch.
>
> - ken
>
> Leslie Maltz wrote:
>
> > "Users of the Windows OS should install an unofficial 
> security patch 
> > now without waiting for Microsoft Corp. to make its move, security 
> > researchers at The SANS Institute's Internet Storm Center (ISC)
> > advised yesterday."   see     
> http://www.computerworld.com/securitytopics/security/holes/story/0,108
> > 01,107420,00.html
> >
> >
> > Are you advising your users to install an unofficial patch 
> or are you 
> > waiting?
> >
> > And Happy New Year to all as we start the year off with new 
> problems.
> > -leslie