Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Wmf Vulnerability


  • Please log in to reply
5 replies to this topic

#1 Rimmer

Rimmer

  • Members
  • 2,159 posts
  • OFFLINE
  •  
  • Location:near Sydney, Australia
  • Local time:10:01 PM

Posted 04 January 2006 - 12:22 AM

I followed the directions here:
http://www.bleepingcomputer.com/forums/t/39047/how-to-protect-yourself-from-the-windows-metafile-vulnerability/

I have downloaded the Vulnerability Checker and the Shimqvw.bat script. I've run option 1 of the script and it said "successfull" but the vulnerability checker says I'm still vulnerable.

Just wondering what was going on?

Soltek QBIC, Pentium 4 3.0GHz, 512MB RAM, 200GB SATA HDD, ATI Radeon 9600XT 256MB, Netgear 54Mb/s WAP, ridiculously expensive Satellite Broadband
Windows XP Home SP2, Trend Micro Internet Security, Firefox, Thunderbird, AdAwareSE, Spybot S&D, SpywareBlaster, A-squared Free, Ewido Security Suite.

BC AdBot (Login to Remove)

 


#2 ddeerrff

ddeerrff

    Retired


  • Malware Response Team
  • 2,735 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Upper Midwest, US
  • Local time:07:01 AM

Posted 04 January 2006 - 12:42 AM

Did you also install wmffix_hexblog14.exe ?
Derfram
~~~~~~

#3 Rimmer

Rimmer
  • Topic Starter

  • Members
  • 2,159 posts
  • OFFLINE
  •  
  • Location:near Sydney, Australia
  • Local time:10:01 PM

Posted 04 January 2006 - 01:00 AM

No, I thought running the script was an alternative to that.

Soltek QBIC, Pentium 4 3.0GHz, 512MB RAM, 200GB SATA HDD, ATI Radeon 9600XT 256MB, Netgear 54Mb/s WAP, ridiculously expensive Satellite Broadband
Windows XP Home SP2, Trend Micro Internet Security, Firefox, Thunderbird, AdAwareSE, Spybot S&D, SpywareBlaster, A-squared Free, Ewido Security Suite.

#4 peter1

peter1

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:01 AM

Posted 04 January 2006 - 05:25 AM

Hi, Just thought that I would throw this in here. I am trying the Microsoft One Care (beta) security program. When I started my computer this morning Microsoft informed me that they are working on the patch but in the meantime my computer is protected from this vulnerability through the one care program.

#5 ddeerrff

ddeerrff

    Retired


  • Malware Response Team
  • 2,735 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Upper Midwest, US
  • Local time:07:01 AM

Posted 04 January 2006 - 11:56 AM

Unregistering the pix/fax viewer is only a partial fix. You also need to install wmffix.

There is *supposed* to be a fix included in next Tuesday's updates.
Derfram
~~~~~~

#6 Rimmer

Rimmer
  • Topic Starter

  • Members
  • 2,159 posts
  • OFFLINE
  •  
  • Location:near Sydney, Australia
  • Local time:10:01 PM

Posted 06 January 2006 - 12:01 AM

Thanks for your replies. :thumbsup:

For those who have not seen the news the Microsoft patch is available *now*.

I've installed it (after the usual MS authentication insults :flowers: ) and the Vulnerability Checker says I'm "Impregnable" :trumpet: So for users of Windows XP SP1 and SP2 the point is now moot.

Soltek QBIC, Pentium 4 3.0GHz, 512MB RAM, 200GB SATA HDD, ATI Radeon 9600XT 256MB, Netgear 54Mb/s WAP, ridiculously expensive Satellite Broadband
Windows XP Home SP2, Trend Micro Internet Security, Firefox, Thunderbird, AdAwareSE, Spybot S&D, SpywareBlaster, A-squared Free, Ewido Security Suite.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users