WMF exploit

Jan. 4th, 2006 09:03 pm
khaosworks: (Global Frequency)
[personal profile] khaosworks
Public service announcement. You may have heard of the latest WMF exploit for Windows. This is serious stuff, people — you may think you're not vulnerable, or that it won't happen to you, but it can, and it's just so easy to do, and it gives complete control by an intruder over your computer. Everything.

So rather than wait for Microsoft to get off their asses and patch it up by January 10, by which time Lord knows how many people will get bitten, you might do well to be just a tad paranoid and get the unofficial patch.

For just what the WMF exploit can do, see http://www.f-secure.com/weblog/archives/archive-122005.html

And the unofficial patch can be found at:

http://www.grc.com/miscfiles/wmffix_hexblog14.exe
http://handlers.sans.org/tliston/wmffix_hexblog14.exe
http://castlecops.com/modules.php?name=Downloads&d_op=getit&lid=496
http://csc.sunbelt-software.com/wmf/wmffix_hexblog14.exe
http://www.antisource.com/download/wmffix_hexblog14.exe

So, begone — go forth and patch that hole. Once the fix from Microsoft is issued, you can uninstall this and install the official one.

Date: 2006-01-04 04:26 pm (UTC)
madfilkentist: My cat Florestan (gray shorthair) (Tux)
From: [personal profile] madfilkentist
A theory on why Microsoft is giving us the "Don't worry, just wait" line:

For the average idiot who runs Windows out of the box, uses Internet Explorer, and reads every email with Outlook, this isn't much different from the usual viruses and worms.

For those of us who know what we're doing, we realize that this exploit threatens our computers in spite of doing all the things that normally make us relatively safe. But we're not Microsoft's target market.

An alternative theory: They're still all hung over from New Year's.

Totally unrelated to this topic

Date: 2006-01-05 07:45 am (UTC)
From: (Anonymous)
Why don't you do this meme again? Maybe there'd be some changes..

http://www.livejournal.com/users/khaosworks/432913.html

Wikipedia

Date: 2006-01-05 11:33 am (UTC)
From: [identity profile] susanscookietin.livejournal.com
I keep getting messages that I have vandalised a Wikipedia page, when all I had been doing was only to access Wikipedia to check some information and have not attempted to edit the information therein.

The message they sent me is here: http://en.wikipedia.org/wiki/User_talk:165.21.154.112

I think they have made a mistake. Can you give me some advise?

Re: Wikipedia

Date: 2006-01-05 12:02 pm (UTC)
From: [identity profile] khaosworks.livejournal.com
That's because someone using your IP address - that's the perils of using dialup like Singnet, because IP address are dynamically assigned - has been vandalising before. It's not directed at you personally.

December 2011

S M T W T F S
    123
456789 10
11121314 151617
18192021222324
25262728293031

Most Popular Tags

Style Credit

Expand Cut Tags

No cut tags
Page generated Jul. 5th, 2025 12:11 pm
Powered by Dreamwidth Studios