[OPLINTECH] More Info Alert: Zero Day Exploit...no MS fix yet!
JKENZIG
JKENZIG at cuyahoga.lib.oh.us
Fri Dec 30 13:33:52 EST 2005
Note more info has been found that the regsrvr fix previously posted
also disables Thumbnails which you may not want to have happen. There
has been another workaround just released that consists of two registry
files to fix and restore back the WMF vulnerability for Windows XP
systems. This will keep your thumbnail functionality intact They are at:
Several Antivirus vendors still have no fix.
To apply the fix highlight and right click on and copy the below link
and paste it into Internet Explorer on your Windows XP home system to
download the file. Once downloaded click on the WPFV_disable.reg file
that you downloaded to appy the fix.
https://www.securinfos.info/english/WPFV_disable.reg
<https://www.securinfos.info/english/WPFV_disable.reg>
Download and click the above one to apply the patch.
To remove the fix highlight and right click on and copy the below link
and paste it into Internet Explorer on your Windows XP home system.
https://www.securinfos.info/english/WPFV_enable.reg
<https://www.securinfos.info/english/WPFV_enable.reg>
Download and click on the above one to take the patch off.
See the story at:
http://www.eweek.com/article2/0,1895,1906211,00.asp
<http://www.eweek.com/article2/0,1895,1906211,00.asp>
Jim Kenzig
Network Manager
Cuyahoga County Public Library
________________________________
From: oplintech-bounces at oplin.org [mailto:oplintech-bounces at oplin.org]
On Behalf Of JKENZIG
Sent: Friday, December 30, 2005 8:22 AM
To: OPLINTECH at OPLIN.ORG
Subject: Re: [OPLINTECH] Alert: Zero Day Exploit...no MS fix yet!
Microsoft's security advisory out on this attack:
http://www.microsoft.com/technet/security/advisory/912840.mspx
JK
________________________________
From: oplintech-bounces at oplin.org [mailto:org] On Behalf Of JKENZIG
Sent: Friday, December 30, 2005 8:01 AM
To: Subject: [OPLINTECH] Alert: Zero Day Exploit...no MS fix yet!
If you are running windows 2003 servers see the following article run
regserver temp fix and block the suggested sites below in your dns or
firewall asap!
http://www.eweek.com/article2/0,1895,1906210,00.asp
<http://www.eweek.com/article2/0,1895,1906210,00.asp>
F-Secure also recommends filtering domains at corporate firewalls. These
sites should be listed as off-limits:
toolbarbiz[dot]business
toolbarsite[dot]biz
toolbartraff[dot]biz
toolbarurl[dot]biz
buytoolbar[dot]biz
buytraff[dot]biz
iframebiz[dot]biz
iframecash[dot]biz
iframesite[dot]biz
iframetraff[dot]biz
iframeurl[dot]business
Regards,
Jim Kenzig
More information about the OPLINTECH
mailing list