Stupid Windows and Stupid WMF and for goodness’ sakes, Protect Yourselves

Okay, so this is kinda old news now, but just cos I guess it’s getting to be more and more of a problem, and also cos I know a few of y’all don’t pay ANY ATTENTION TO THE NEWS(!!!), I just wanted to quickly mention this. And for all you Mac users out there who don’t care cos once again, it don’t affect y’all, pffffft:p

I guess in late December, or maybe earlier, I dunno, some smarty pants discovered a bigtime Windows security vulnerability the likes of which haven’t been seen cos it affects every single version of Windows since Windows began (3.1 or something?) and all you have to do is look at pictures/graphics which everyone does everyday. Or something like that. They’re calling it “WMF” (Windows MetaFile) or “Zero Day” if you are keeping up with the news. Anyhows, Microsoft won’t come out with a patch ’til like the 10th, so here are some things you should do before then:

All this stuff is from Microsoft, but I know at least 1 of you (ahem, Kitty) won’t read that.

  • Un-register Shimgvw.dll:
    1. Click Start, click Run, type “regsvr32 -u %windir%\system32\shimgvw.dll” (without the quotation marks), and then click OK. You can copy and paste.
    2. A dialog box appears to confirm that the un-registration process has succeeded. Click OK to close the dialog box.
    3. You won’t be able to use Thumbnail view or Microsoft Picture and Fax Viewer afterwards, but I think it’s important enough to be worth the inconvenience.
    4. If this is too complicated for you, I can send you a batch file that will do it, just mail me at mim*at*nothingedifying*dot*com. Basically, it’s a Windows text file that does the unregistering (cos it has the line I told you to copy and paste in it and nothing else), just double click and then click OK.
    5. To undo this change, re-register Shimgvw.dll by following the above steps. Replace the text in Step 1 with “regsvr32 %windir%\system32\shimgvw.dll” (without the quotation marks). I can send you a file to do that too. Although I should probably point out that running a batch file you got from some online person is probably not a great idea in general.
  • Make sure your virus definitions are up-to-date. For Symantec Antivirus, you can:
    1. Open up Symantec Antivirus — find and double click on the Symantec Antivirus icon on the bottom right of your screen.
    2. Find the LiveUpdate button probably on the bottom right of the Antivirus window and click on that. Then it’s a Next Next Next Finish deal. Right now, the latest definitions are from today. If your definitions aren’t from 1/3/2006, they’re behind, take care of it.

    Update: Yut says that his are from 12/30/2005 and it won’t update more than that. So maybe that’s ok too. But make sure at least late December or early January.

  • I dunno if anyone else is saying this, so it could be way wrong, but I would make sure System Restore is running if you’re running Windows XP. That way, if you do get infected with something, there’s a chance that you’ll be able to System Restore it away. Afterwards, you still have to run antivirus and antispyware scans, but better’n nothing. To check if System Restore is running:
    1. Right click on My Computer, choose Properties
    2. Click on the System Restore tab and make sure things are checked off and whatnot:)

    System Restore should automatically create restore points, but if you feel like doing a manual one:

    1. Go to Start, Program Files, Accessories, System Tools, System Restore.
    2. Follow the wizard to create a restore point
  • In general, just be careful about installing stuff or visiting warez or p0rn sites. And be careful about even opening mail from people you don’t know. Turn off any preview functions in your mail viewer. You know, normal stuff. Oh and if you still see pop-up ads, that ups your chances of having stuff happen. Use Firefox. Or at least the latest Windows XP version of Internet Explorer. If you are running something not XP, for sure use Firefox.

Thus far, I only know one person who’s been affected by this, so maybe it’s not a big deal. But eh, just in case. Also, next time I visit, I don’t wanna spend all my time reinstalling Windows:p (hi CT:D)

For more information in easily understandable language, check out Security Fix, Brian Krebs’s column/blog on Washingtonpost.com, especially his article from a few days ago New Exploit for Unpatched Windows Flaw. His later articles include stuff about an unofficial patch, but you have to decide for yourself about that one. I installed it on a computer that I have an image for, and it’s been fine, but up to you. And if you do decide to install the unofficial patch, uninstall it before you install the official patch when it comes out.

Update:
Other interesting articles:
Experts Advocate Non-Microsoft Windows Patch by Brian Krebs in the Washington Post
Oxy-morons by Tom Liston on SANS Internet Storm Center

2 Comments

  1. i can’t believe u actually asked me to read that. and i can’t believe i just TRIED to read it-_-;;… i got lost after my name and the first direction… lets speak kitty english mmkay? likkkeee simple terms… that kitty shall understand… =) LOL

  2. Argh, do the steps. Just the stuff in the list.
    Or ok, I’ll send you a file, you run it, then update your antivirus, and oh update windows and that’s it ok?

Comments are closed.

© 2017 nothing edifying

Theme by Anders NorenUp ↑