Official WMF Vulnerability update
from Microsoft Available NOW!
|Microsoft is not fixing Windows 98/ME|
. . . so GRC will.
|Microsoft's official security update does|
the same thing as Ilfak's patch
for historical/archival purposes. It is obsolete with the
release of Microsoft's Windows security update patch.
A special (short) edition of "Security Now!" On Sunday, January 1st, I phoned into Leo Laporte's KFI "Tech Guy" radio program to inform him and his radio audience of the availability of Ilfak's new patch and real solution. Leo produced a special edition of our weekly "Security Now!" audio podcast. Since this was by telephone the audio quality is not great, but the high-quality and lower-quality MP3 audio files are available here:
Ilfak has produced a WMF Vulnerability Checker Many users want to verify that their "exploit suppressed" systems are now safe to use. And others want to see whether their anti-virus A-V systems are now detecting some WMF exploit code. So Ilfak has produced a simple WMF Vulnerability tester:
An important Note about A-V signatures: As useful as anti-virus protection is as a first line of defense, new WMF exploits are succeeding at bypassing them. So A-V cannot be relied upon. The only safe measure is to install Ilfak's vulnerability suppression solution until Microsoft has updated the GDI32.DLL file and permanently resolved this problem.
Windows 98/SE/ME users: Microsoft's original advice to "unregister the shimgvw.dll" (shell image viewer) was never correct or useful on those platforms. The good news is that all current WMF exploits appear to be non-functional on the older Win9x vintage platforms . . . so you will likely be okay until Microsoft has updated your system with the next security patches. There is no short-term workaround for Windows 9x/SE/ME users.
Other new links: See the bottom of the RED box below for many "original discovery" links.
Get generic WMF Vulnerability news from GoogleNews:
|New High Quality Temporary|
WMF Exploit Patch Available!
|Newly Discovered & Immediately|
Exploited Windows Vulnerability
|Resource links for Security Now! Episode #20:
Tack Tech SRVANY Page|
Resolving Hamachi and Remote Desktop logon troubles:
The Hamachi client must be run as a Windows service to prevent logon name collisions that occur when a remote Hamachi user attempts to logon using Windows remote desktop as the same user their local Hamachi client is logged on as. This can be resolved by running the local Hamachi client as a Windows service which causes the local Hamachi client to run in the SYSTEM account.
The Tack Tech page link above is one of many pages on the web describing how to run applications as services. You can simply "Google" for the string "SRVANY" to find many more . . . including a page by Microsoft.
Additionally and conveniently, the Tack Tech page provides a ZIP file containing the two Microsoft Windows utilities required to perform this work: http://www.tacktech.com/pub/microsoft/service/srvany.zip
McAfee's Free WPA Software
However, since McAfee is desperately trying to sell you more than you need (a dynamic WiFi endpoint authentication service), you MUST READ THIS page carefully and be sure to choose the "Disable Authentication" option when installing the client. You don't need their for-pay dynamic authentication subscription service since the use of your system-wide pre-shared key is completely sufficient.
The Gravity Newsreader v2.5 a 2.5 MB download from GRC's server.
Gibson Research Corporation is owned and operated by Steve Gibson. The contents
of this page are Copyright (c) 2014 Gibson Research Corporation. SpinRite, ShieldsUP,
NanoProbe, and any other indicated trademarks are registered trademarks of Gibson
|Last Edit: May 04, 2013 at 18:12 (847.36 days ago)||Viewed 9 times per day|