Windows WMF Metafile Vulnerability fix from reverse engineer

Well is this is a good way to start 2006 Microsoft. A very serious exploit was found in Windows during last week, and this time its a 0day exploit which means there's no patch available from Microsoft yet. Actually Microsoft are advising people to unregister the shimgvw.dll which is not a fix in anyones wildest imagination.

But luckly some reverse engineer called Ilfak Guilfanov has reversed engineer the shimgvw.dll and written a patch which runs on all 32/64bit Windows (aka no 95, 98 or ME support). From what I've read, it sounds like the patch is pretty safe (llfak has actually open sourced the code I believe) so I would recommend you download this patch till Microsoft sort out an official patch. And honestly do it now as there are tons of worms written for this exploit and there coming from many different directions. IM, Email, Browser, etc, etc. Oh by the way theres a checker too.

Pass this information to as many people as you can…

Comments [Comments]
Trackbacks [0]

Author: Ianforrester

Senior firestarter at BBC R&D, emergent technology expert and serial social geek event organiser. Can be found at cubicgarden@mas.to, cubicgarden@twit.social and cubicgarden@blacktwitter.io