Important: Severe Windows Security Flaw. What You Can Do Right Now To Secure Your Data
Computers & Technology → Site Security
- Author Olga Farber Becker
- Published January 11, 2006
- Word count 533
On 28 of December a severe Windows security flaw, WMF Flaw, was detected, in all Windows versions from Win98 to WinXP, no fixing patch exists yet. Using it, anyone can do any malicious action with your computer, steal or even erase your data.
This article will help you understand what it is and how YOU can fix it until Microsoft releases a patch.
By Washington Post: "Computers can be infected simply by visiting one of the Web sites or viewing an infected image in an e-mail through the preview pane [...] even if users did not click on anything or open any files."
"Microsoft said in a statement yesterday that it is investigating the vulnerability and plans to issue a software patch to fix the problem. The company could not say how soon that patch would be available." http://www.washingtonpost.com/wp-dyn/content/article/2005/12/29/AR2005122901456.html
How severe it is: "This vulnerability can be used to install any type of malicious code, not just Trojans and spyware, but also worms, bots or viruses that can cause irreparable damage to computers," said Luis Corrons of Panda Software.
In a security advisory posted on its Web site, Microsoft confirmed the vulnerability and the associated release of exploit code that could compromise PCs, and listed the operating systems at risk. Windows 2000 SP4, Windows XP, Windows Server 2000, Windows 98, and Windows Millennium can be attacked using the newly-discovered vulnerability...
http://www.microsoft.com/technet/security/advisory/912840.mspx
BlogAutoPublisher support expert comments on the situation, advising a cure:
"The vulnerability is in the Microsoft Windows Graphics Rendering Engine, that is why the exploit affects Windows versions from Win98 to WinXP.
Unlike other security vulnerabilities, this one allows a data file to execute arbitrary code upon it being viewed. In other words, a (picture) data file can contain executable code to "help" Windows display it, and Windows will execute it unquestionably.
Your computer can be infected whenever Windows uses its default image viewer to display certain image types. This means there is a long list of applications that are vulnerable that rely upon the image viewer code. Windows uses this code when previewing images, for example.
What YOU can do right NOW, to secure your computer until a patch from Microsoft is released:
Go to Start > Run, paste there the following line: regsvr32 /u shimgvw.dll and press OK.
If everything goes right, you'll see the following message: "DllUnregisterServer in shimgvw.dll succeeded."
It will disable the problematic dll, forcing all other programs to use their own engines, if exist. Keep in mind that this will disable thumbnail previews in Windows Explorer. One may experience problems with opening any image file after unregistering this dll.
(To reactivate this feature: Start > Run > regsvr32 shimgvw.dll)
We will send another update, when the patch from Microsoft is released, with instructions how to apply the patch and re-activate the feature."
And another important thing: since this is such a serious flaw, you may start getting phishing emails pretending to originate at Microsoft, urging you to do something with your computer, apply some "patches". Don't do it.
Find the true information at microsoft.com or wait for the links at microsoft.com we'll publish later.
Olga's areas of research are internet marketing, blogs, RSS feeds. Find out 55 ways to use the Marketer's Blogging Software Olga recently released: http://blogautopublisher.com
Article source: https://articlebiz.comRate article
Article comments
There are no posted comments.
Related articles
- A Brief Guide: The A-Z of Tailgating Attacks
- Essential Tips for Proofreading and Editing University Assignments
- Stop the Bleeding
- Top 10 Digital Forensics Tools: An In-Depth Exploration
- All You Need To Know To Secure Your Data From Phishing
- Crypto Security Guide: Everything You Need to Know to Protect Your Crypto
- Advancing Email Validation in Laravel
- Fortifying the Digital Fortress: Understanding the Foundations of Cybersecurity Architecture
- How is GenAI Changing Cybersecurity?
- AI-Enhanced Cybersecurity Trends for 2024
- The Game of Trust: A Guide to the Future of KYC in Gaming
- AI in Cybersecurity: The New Frontier in Digital Protection
- Metadata: The Attorney’s Secret Weapon in Civil Litigation
- The importance of cyber security
- 5 Reasons to Comply with CMMC
- Payless CCTV Security Camera
- How Bitdefender Protect From Pegasus Spyware
- Printer Security? Here Are 6 Tips To Keep Your Business Safe
- Why it is important to install Access control system at your business
- Powerful Keyloggers for Windows
- Website security check: Tips on how to protect your website from hackers
- How will cyber threats evolve in 2020?
- When to choose red teaming over penetration testing: A guide to a robust cybersecurity program
- Protect your files with drive image backup software
- How Cloud Management Values Change Your Business
- The U.S. Government and Zero Day Vulnerabilities
- Spyware – Yet Another Cyber Menace
- Reset lost passwords in Windows with Active@ Password Changer
- Antivirus measures you should know when your PC is infected with a virus
- Security Fit For Royalty!