PLEASE NOTE: doing so will break your Microsoft Picture Viewer, but you can always undo it by typing:Īs stated above you should filter these sites, you can do so locally by editing your %windir%\System32\Drivers\Etc\Hosts file and adding this to the end of your list:ġ27.0.0.1 Edited Decemby travisowensĭays after the revelation of a flaw in Windows' handling of WMF graphics files, dozens of exploits are being spread from thousands of adware sites. Regsvr32 -u %windir%\system32\shimgvw.dll Second, you should always use %windir% not \Windows\ because not everybody's Windows installation is located there. Chances are every virus app has this protection by now, it has been like 6 weeks. This flaw was discovered on Nov 8th and I see that Symantec added this on Nov 11th. Replace the text in Step 1 with “regsvr32 %windir%\system32\shimgvw.dll” (without the quotation marks).įirstly, most virus software will already protect you. To undo this change, re-register Shimgvw.dll by following the above steps. Impact of Workaround: The Windows Picture and Fax Viewer will no longer be started when users click on a link to an image type that is associated with the Windows Picture and Fax Viewer. To un-register Shimgvw.dll, follow these steps:ġ.Click Start, click Run, type "regsvr32 -u %windir%\system32\shimgvw.dll" (without the quotation marks), and then click OK.Ģ.A dialog box appears to confirm that the un-registration process has succeeded. Un-register the Windows Picture and Fax Viewer (Shimgvw.dll) on Windows XP Service Pack 1 Windows XP Service Pack 2 Windows Server 2003 and Windows Server 2003 Service Pack 1 When a workaround reduces functionality, it is identified in the following section. While this workaround will not correct the underlying vulnerability, it will help block known attack vectors. Microsoft has tested the following workaround. Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution. Title Edited - Please follow new posting rules from now on. Would either of these suggestions be effective and are they really necessary? Windows Picture and Fax Viewer won't work either, and some other stuff will break, like previewing desktop images in Display Properties. This will remove Windows Explorer's capability to display images (thumbnails of gif, jpg, and such, including WMF). Regsvr32 /u \windows\system32\shimgvw.dll Another solution until a patch comes out: Might be a good idea to go into Windows Explorer and disable all handling of WMF files.Ģ. There seems to be considerable concern about the recently discovered "Windows WMF 0-day exploit" as apparently "fully patched Windows XP SP2 machines machines are vulnerable, with no known patch."Īt an Ars Technica forum I came across these 2 suggested solutions until an MS patch is avaiable:ġ.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |