Suggested Actions
Workarounds

Microsoft has tested the following workaround. While this workaround will
not correct the underlying vulnerability, it will help block known attack
vectors. When a workaround reduces functionality, it is identified in the
following section.

Un-register the Windows Picture and Fax Viewer (Shimgvw.dll) on Windows
XP Service Pack 1; Windows XP Service Pack 2; Windows Server 2003 and
Windows Server 2003 Service Pack 1

From the MS Advisory:



To un-register Shimgvw.dll, follow these steps:

1.
Click Start, click Run, type "regsvr32 -u
%windir%\system32\shimgvw.dll" (without the quotation marks), and then click
OK.

2.
A dialog box appears to confirm that the un-registration process has
succeeded. Click OK to close the dialog box.


Impact of Workaround: The Windows Picture and Fax Viewer will no longer be
started when users click on a link to an image type that is associated with
the Windows Picture and Fax Viewer.

To undo this change, re-register Shimgvw.dll by following the above steps.
Replace the text in Step 1 with “regsvr32 %windir%\system32\shimgvw.dll”
(without the quotation marks).



Tom

"Stephen Howe" <stephenPOINThoweATtns-globalPOINTcom> wrote in message
news:umNfEnIDGHA.1180@TK2MSFTNGP09.phx.gbl...
|> It's under "Suggested Actions"
|
| No it is not. Those, in the strictest sense, do not prevent you getting
| inadvertently infected. None of them do. A "workaround" would prevent you
| getting infected. That is the normal meaning of the word "workaround".
|
| Here is a workaround:
|
| Run
| regsvr32 /u shimgvw.dll
|
| Stephen Howe
|
|
|
|
|