Attn: Windows users.
There is a recently released vulnerability in Windows that has been called the worst ever. The reason is that it does not require the user to open an executable; malicious code can be installed on the computer simply by viewing an image in a browser or explorer.
Microsoft has not yet released an official patch. There is an unofficial patch available, but I am not going to give an opinion, as I do not have the technical know-how to analyze the code.
There is a workaround provided by Microsoft that will help protect you until Microsoft releases an official patch. I would suggest that you do this, as it does not limit the functionality to an average user and it clears up most of the worry (apparently, if one opens an infected file in the Fax Viewer or Paint, one can still be infected, so be careful about that).
- Go to Start Menu
- Select "Run"
- Type "regsvr32 /u shimgvw.dll" (without quotes)
- This disables the starting of the Windows Picture and Fax Viewer when links to images are opened.
Summary from TheReg.
Security and technical history of the vulnerability unfolding.
FAQ
Article that suggests this affects all versions (not just XP and 2003, like the Reg suggests).
Update: After reading much, much, much too much on the topic (being responsible for family's computers is sometimes a bit of a headache ;-), I feel confident in recommending the unofficial patch to keep yourself as safe as possible until the official patch comes out. It can be found here, and a lengthy discussion about the topic here (much of which should be taken with a grain of salt; for example, one does not have to unregister the DLL at each reboot, as that wouldn't make any sense considering that MS suggests rebooting after unregistering!).


