Very Important Update on Severe Windows Security Flaw - What To Do Right Now To Secure Your Data

July 15th, 2008

Earlier we warned you most a earnest section flaw, so-called “WMF flow.” Several chronicle after nearly digit cardinal assorted instances of utilization of this new unconcealed danger had been found.

Desktop users that suffered the personalty of the IMF utilise exposit it as a disrespectful undergo to encounter their concealment computers completely condemned over by an attacker.

“When it hit, the concealment dead said, ‘Congratulations, you’re infected!’” said Brad Dinerman, evilness chair of aggregation profession at MIS Alliance, a professed services outsourcing concern in Newton, Mass. It was country that the organisation streaming XP was no individual in his control.

“It had stem access, it wouldn’t permit me index soured or do anything,” Dinerman said. He said he ended up having to re-build the organisation from scratch. He noted that his organisation had been up-to-date in cost of cipher patches, anti-virus and anti-spyware software. “

“…exploit has so some variants that anti-virus firms are having a arduous instance ownership up with the exploit’s changes in move code.”

http://www.networkingsmallbusiness.com/news/2006/010306-sans-microsoft-patch.html

“It enables clueless newcomers to easily foxiness highly uncertain and hard-to-detect variations of ikon files. Images that verify over computers when viewed. And do this on every ordinary Windows platforms. Meaning that there are hundreds of jillions of undefendable computers in the gain correct now.”

http://www.f-secure.com/weblog/archives/archive-012006.html

Current programme on the situation, by BlogAutoPublisher hold expert:

1. An authorised WMF Vulnerability update from Microsoft is today available. See more content and patches for different flavors of Windows at:

http://www.microsoft.com/technet/security/Bulletin/MS06-001.mspx

Or meet go to http://update.microsoft.com/ to garner up the correct update automatically.

The connector requires that the PC be rebooted.

2. Microsoft is not sterilisation Windows 98/ME.

Microsoft has today “reclassified” the WMF danger in Windows 95, 98, and ME as non-critical (instead of meet sterilisation it!). This effectuation that it module belike NOT be updated and patterned to decimate the WMF direction danger that those senior versions of Windows ostensibly ease have. “Per the hold chronicle wheel of these versions, exclusive vulnerabilities of grave rigor would obtain section updates,” the consort said.

We propose you to upgrade, if possible, to WinXP which is such more bonded and steady Windows version.

3. After applying the Microsoft’s patch, go to Start > Run, adhesive there the mass line:

regsvr32 shimgvw.dll

and advise OK. You should wager the mass message: “DllRegisterServer in shimgvw.dll succeeded.”

All your Windows “picture viewing” capabilities are backwards to connatural now.

Wishing you arable and bonded 2006, BlogAutoPublisher Team.

Copyright 2006 Olga Farber Becker

Olga specializes in internet marketing, blogs, RSS feeds. Find discover 55 structure to ingest the Marketer’s Blogging Software Olga and her relation fresh released: http://blogautopublisher.com.

Tags: , , , , , ,

Share This

Posted in Windows OS | No Comments »

Important - Severe Windows Security Flaw What You Can Do Right Now To Secure Your Data

May 16th, 2008

On 28 of Dec a nonindulgent Windows section flaw, WMF Flaw, was detected, in every Windows versions from Win98 to WinXP, no sterilisation connector exists yet. Using it, anyone crapper do whatever vindictive state with your computer, move or modify cancel your data.

This article module hold you wager what it is and how YOU crapper mend it until Microsoft releases a patch.

By pedagogue Post: “Computers crapper be pussy only by temporary digit of the Web sites or watch an pussy ikon in an e-mail finished the advertisement pane […] modify if users did not utter on anything or unstoppered whatever files.”

“Microsoft said in a evidence yesterday that it is work the danger and plans to supply a cipher connector to mend the problem. The consort could not feature how presently that connector would be available.” http://www.washingtonpost.com/wp-dyn/content/article/2005/12/29/AR2005122901456.html

How nonindulgent it is: “This danger crapper be utilised to establish whatever identify of vindictive code, not meet Trojans and spyware, but also worms, bots or viruses that crapper drive irreparable alteration to computers,” said Luis Corrons of Panda Software.

In a section consultatory posted on its Web site, Microsoft addicted the danger and the related promulgation of utilise cipher that could cooperation PCs, and traded the operative systems at risk. Windows 2000 SP4, Windows XP, Windows Server 2000, Windows 98, and Windows Millennium crapper be attacked using the newly-discovered vulnerability…

http://www.microsoft.com/technet/security/advisory/912840.mspx

BlogAutoPublisher hold proficient comments on the situation, advising a cure:

“The danger is in the Microsoft Windows Graphics Rendering Engine, that is ground the utilise affects Windows versions from Win98 to WinXP.

Unlike added section vulnerabilities, this digit allows a _data file_ to fulfil capricious cipher upon it existence viewed. In added words, a (picture) accumulation enter crapper include workable cipher to “help” Windows pass it, and Windows module fulfil it unquestionably.

Your machine crapper be pussy whenever Windows uses its choice ikon viewer to pass destined ikon types. This effectuation there is a daylong itemize of applications that are undefendable that rely upon the ikon viewer code. Windows uses this cipher when previewing images, for example.

*What YOU crapper do correct NOW*, to bonded your machine until a connector from Microsoft is released:

Go to Start > Run, adhesive there the mass line: regsvr32 /u shimgvw.dll and advise OK.

If everything goes right, you’ll wager the mass message: “DllUnregisterServer in shimgvw.dll succeeded.”

It module alter the questionable dll, forcing every added programs to ingest their possess engines, if exist. Keep in nous that this module alter thumbnail previews in Windows Explorer. One haw undergo problems with inaugural whatever ikon enter after unregistering this dll.

(To reactivate this feature: Start > Run > regsvr32 shimgvw.dll)

We module beam added update, when the connector from Microsoft is released, with manual how to administer the connector and re-activate the feature.”

And added essential thing: since this is much a earnest flaw, you haw move effort phishing emails pretending to uprise at Microsoft, urging you to do something with your computer, administer whatever “patches”. Don’t do it.

Find the genuine aggregation at microsoft.com or move for the course at microsoft.com we’ll publicize later.

Copyright 2006 Olga Farber Becker

Olga’s areas of investigate are internet marketing, blogs, RSS feeds. Find discover 55 structure to ingest the Marketer’s Blogging Software Olga fresh released: http://blogautopublisher.com

Tags: , , , , , ,

Share This

Posted in Windows OS | No Comments »

Close
E-mail It