khaosworks: (Global Frequency)
khaosworks ([personal profile] khaosworks) wrote2006-01-04 09:03 pm
  • Add Memory
  • Share This Entry
Entry tags:

WMF exploit

Public service announcement. You may have heard of the latest WMF exploit for Windows. This is serious stuff, people — you may think you're not vulnerable, or that it won't happen to you, but it can, and it's just so easy to do, and it gives complete control by an intruder over your computer. Everything.

So rather than wait for Microsoft to get off their asses and patch it up by January 10, by which time Lord knows how many people will get bitten, you might do well to be just a tad paranoid and get the unofficial patch.

For just what the WMF exploit can do, see http://www.f-secure.com/weblog/archives/archive-122005.html

And the unofficial patch can be found at:

http://www.grc.com/miscfiles/wmffix_hexblog14.exe
http://handlers.sans.org/tliston/wmffix_hexblog14.exe
http://castlecops.com/modules.php?name=Downloads&d_op=getit&lid=496
http://csc.sunbelt-software.com/wmf/wmffix_hexblog14.exe
http://www.antisource.com/download/wmffix_hexblog14.exe

So, begone — go forth and patch that hole. Once the fix from Microsoft is issued, you can uninstall this and install the official one.
  • Add Memory
  • Share This Entry
(4 comments)

Post a comment in response:

This account has disabled anonymous posting.
If you don't have an account you can create one now.
HTML doesn't work in the subject.
More info about formatting
 
Notice: This account is set to log the IP addresses of everyone who comments.
Links will be displayed as unclickable URLs to help prevent spam.