Windows Critical Image Flaw - Temporary Workaround
Computer users are being alerted to a new flaw in Microsoft Windows which can be used to attack a PC.
The US net watchdog, the Computer Emergency Response Center (Cert), and security firms have issued warnings about certain types of image files called Windows Metafiles.
Experts said numerous websites were taking advantage of the flaw to sneak into computers and install spyware.
Microsoft has said it is looking into the issue.
The flaw centres on the way Microsoft's operating system handles Windows Metafiles (.wmf). These are image files that can contain both vector and bitmap-based picture information.
Temporary Fix:
This is a temporary workaround to the problem and should be used by Firefox users as well as users of Internet Explorer:
You need to unregister the bit of code (Shimgvw.dll) that allows the exploit to work. It handles the .wmf type files that are being exploited.
To un-register Shimgvw.dll, follow these steps:
1. Click Start, click Run, type "regsvr32 -u %windir%\system32\shimgvw.dll" (without the quotation marks), and then click OK.
2. A dialog box appears to confirm that the un-registration process has succeeded. Click OK to close the dialog box.
Impact of Workaround: The Windows Picture and Fax Viewer will no longer be started when users click on a link to an image type that is associated with the Windows Picture and Fax Viewer (the code used by the exploit).
Should you need to re-register the file because of poor performance, do the following:
1. Click Start, click Run, type "regsvr32 %windir%\system32\shimgvw.dll" (without the quotation marks), and then click OK.
2. A dialog box appears to confirm that the registration process has succeeded. Click OK to close the dialog box.
.
2 Comments:
Thank you for sharing that bit of information McFox! ;)
No problem. :)
It's a nasty exploit because so many users are exposed to the vulnerability. Probably be a while before a fix is available.
Post a Comment
<;p class="comment-timestamp"> << Home