Thread: WMF Exploit!!! Install this patch now!
View Single Post
  #22  
Old 01-05-2006, 02:12 AM
Rashputin
 
Posts: n/a
Default Re: WMF Exploit!!! Install this patch now!

"Kerry Brown" <kerry@kdbNOSPAMsys-tems.c*a*m> wrote in message
news:eqpjUcIEGHA.1088@tk2msftngp13.phx.gbl...
> Chris H. wrote:
>> Incorrect, Jim. Users should wait for the official patch, and not
>> risk (1) going to some web site not connected with Microsoft, and (2)
>> not installing some "patch" or other software on their machine from
>> an unknown source.
>> As noted in the security bulletin issued, there are specific
>> instances where this violation of a computer can take place, and they
>> include being lured to a web site.
>>
>> Protection of the computer will come with intelligent computer usage,
>> including not visiting an unknown site for a "fix" not coming
>> directly from Microsoft.
>>
>
> If you believe the security bulletin you are have obviously not seen this
> exploit in action. Build a test machine, fully update Windows, install
> your antivirus and antispyware apps of choice and go to one of the many
> known sites that use this exploit. The machine will be infected, no if,
> ands, or buts. The people using the exploit are changing it often enough
> that the antivirus/spyware/malware apps can't keep up. I have tried it.
> have you? It was scary. I immediately ran the unofficial patch on my own
> machines. By the way many sites you think may be safe are not, knoppix-std
> dot org is one site that was known to be hacked and was distributing
> malware via this exploit. To most this would certainly seem to be a safe
> site. Many on these newsgroups regularly recommend using knoppix.
>
> Kerry
>
>
>
>
>> "Jim" <reply@groups.please> wrote in message
>> news:kMwuf.37341$Lb1.8673@bignews3.bellsouth.net.. .
>>> Chris,
>>>
>>> You are acting in an extremely irresponsible manner. This is one
>>> of the largest exploits ever to hit the Windows platform (in number
>>> of machines affected), and you are telling people to do nothing.
>>>
>>> The only thing more irresponsible than your post is Microsoft's
>>> refusal to take immediate action for such an exploit.
>>>
>>> Jim
>>>
>>> "Chris H." <winxpnews@hotmail.com> wrote in message
>>> news:um047fHEGHA.140@TK2MSFTNGP12.phx.gbl...
>>>> Microsoft has not released a patch at this point. Please do not
>>>> download or install a patch from any other source.
>>>> --
>>>> Chris H.
>>>> Microsoft Windows MVP/Tablet PC
>>>> Tablet Creations - http://nicecreations.us/
>>>> Associate Expert
>>>> Expert Zone - www.microsoft.com/windowsxp/expertzone
>
>
>



Does deleting the .wmf file association solve the problem or am I
misunderstanding it?

tia,

Regards


Reply With Quote