nanog mailing list archives
Re: WMF patch
From: Eric Frazier <eric () dmcontact com>
Date: Thu, 05 Jan 2006 09:54:16 -0800
At 01:40 AM 1/5/2006, Thomas Kuehling wrote:
Hi Eric Am Mittwoch, den 04.01.2006, 08:14 -0800 schrieb Eric Frazier: > Hi, > > I finally decided this was serious enough to do something about it sooner> than the MS patch, but while this seems to be the official link to the SANS> patch http://isc1.sans.org/diary.php?storyid=1010> it also is timing out. I have seen a couple of other links from googling to> people who have "repackaged" this, but I really don't want to download > something that doesn't match the SANS MD5.. > > Any links or suggestions? perhaps it is outdated, but as a workaround, it would be enough to unregister the DLL wich handles WMF: on the Start menu, choose Run, type "regsvr32 -u %windir%\system32 \shimgvw.dll", and then click OK. For more details, visit this link: http://www.frsirt.com/english/advisories/2005/3086
Thanks Thomas, something really useful. One thing I am still curious about, I read that there were other image formats can be used in an exploit, GIF, .BMP, .JPG, .TIF can also be used, according to F-Secure. I find this a little confusing, if that dll only deals with WMF file type then the exploit must not be directly connected with that dll Or does that dll handle all of those as well?
But then I found this http://www.pcworld.com/howto/article/0,aid,119993,00.aspWhich makes sense. The way a lot of things I have been seeing go on about this they act like WMF is the only format of issue and that obviously is not at all true. I would have more likely ignored this if it really was only WMF files and the MS patch a week or so away.
Thanks, Eric
Mit freundlichen GrüÃen Thomas Kühling -- Mapsolute Gmbh - Techn. Administration - TK2325-RIPE
Current thread:
- WMF patch Eric Frazier (Jan 04)
- RE: WMF patch Brance Amussen (Jan 04)
- RE: WMF patch Steve Sobol (Jan 04)
- Message not available
- Re: WMF patch Eric Frazier (Jan 05)
- Re: WMF patch Robert Boyle (Jan 05)
- Re: WMF patch Eric Frazier (Jan 05)
- RE: WMF patch Brance Amussen (Jan 04)
- <Possible follow-ups>
- RE: WMF patch Fergie (Jan 04)
- RE: WMF patch Randy Bush (Jan 04)
- RE: WMF patch Sean Donelan (Jan 04)
- RE: WMF patch Fred Heutte (Jan 04)
- Re: WMF patch Valdis . Kletnieks (Jan 04)
- Re: WMF patch Stephane Bortzmeyer (Jan 05)
- Re: WMF patch Alexander Harrowell (Jan 05)
- MPLS Providers Andrew Staples (Jan 05)
- Re: WMF patch Valdis . Kletnieks (Jan 04)