Kip Powick Posted January 2, 2006 Share Posted January 2, 2006 This is not a hoax…..this was passed to me by my son who makes his living with computers… the text of his email follows…. If you have a fair amount of knowledge about the inner workings of the “voodoo box” you own then you will see the problem. If you are not that familiar with the workings of your computer then all I can say is be very, very careful and really update your virus and security data base. The zero day exploits mentioned at the top of this newsletter are bad, _very_ bad. Your systems can get infected simply by viewing a malicious WMF file sent in an e-mail attachment or viewed in your browser. There are reports of known "good" web sites being compromised and malicious links added that will direct your browser to a malicious WMF file. As described below, the exploit can download keystroke loggers, back door programs, or virtually anything else. Once this vulnerability is exploited, it may be extremely difficult or even impossible to trace all of the actions taken by the exploit code. There is no patch available at this time, although Microsoft is investigating. The two best sources of information on this very serious problem are the Internet Storm Center and F-Secure links listed below in the article, and repeated here for convenience. You should go to this link, read and check other pages here as well…. Storm Centre And More info DO NOT IGNORE THIS THREAT. Read both of the above pages in their entirety, and consider implementing the workarounds discussed at these sites. New versions of the exploit are being developed as the anti-virus vendors release signatures for their products. Be sure to keep all anti-virus software completely up to date (we strongly recommend hourly checks for updated signatures), and consider increasing your full scan frequency. Good luck Link to comment Share on other sites More sharing options...
Guest rattler Posted January 2, 2006 Share Posted January 2, 2006 Microsoft Windows Graphics Rendering Engine WMF/EMF Format Code Execution Vulnerability Risk High Date Discovered 11-08-2005 Description Microsoft Windows WMF/EMF graphics rendering engine is affected by a remote code execution vulnerability. The problem presents itself when a user views a malicious WMF or EMF formatted file causing the affected engine to attempt to parse it. Exploitation of this issue can trigger an integer overflow that may facilitate heap memory corruption and arbitrary code execution. Any code execution that occurs will be with SYSTEM privileges due to the nature of the affected engine. Successful exploitation can facilitate a remote compromise or local privilege escalation. Symantec Enterprise Security Manager Symantec Enterprise Security Manager posted an update to the OS Patch Policy that detects and reports systems that are not patched against this vulnerability. Click here for the advisory released November 10, 2005. Symantec Enterprise Security Manager Network Assessment Module detects and reports this vulnerability. Click here for the advisory released November 11, 2005. Symantec Vulnerability Assessment Symantec Vulnerability Assessment detects and reports this vulnerability. Click here for the advisory released November 8, 2005. complete Article Link to comment Share on other sites More sharing options...
Say Again, Over! Posted January 2, 2006 Share Posted January 2, 2006 The fix... The answer!!! Link to comment Share on other sites More sharing options...
Super 80 Posted January 2, 2006 Share Posted January 2, 2006 macs have viruses too... their called Mac OS X Updates. Link to comment Share on other sites More sharing options...
Guest Zebigboss Posted January 3, 2006 Share Posted January 3, 2006 No problems with both my G5 imac and G4 ibook... If you repair your permissions and check and run disk repair before and after every update the chances of running into problems are slim to none... Actually they are slim to none even if you dont go through these very simple steps. Nice try Vader ! Link to comment Share on other sites More sharing options...
dagger Posted January 3, 2006 Share Posted January 3, 2006 No problems with both my G5 imac and G4 ibook... If you repair your permissions and check and run disk repair before and after every update the chances of running into problems are slim to none... Actually they are slim to none even if you dont go through these very simple steps. Nice try Vader ! Love my new iMacs, and yes, if you occasionally run a 60-second maintenance program that cleans out some caches and other crannies, it runs great. Link to comment Share on other sites More sharing options...
Super 80 Posted January 3, 2006 Share Posted January 3, 2006 Mac OS X 10.3 update nuked my Firewire backup drive, that was cutsie. Fortunately the main drive was okay. But I bet that little episode turned alot of air blue. I have a Mac Mini, until last week I had a 1.3ghz G4 tower but one of my old consulting clients made me an offer I couldn't refuse on it as they needed a fast machine that booted Mac OS 9 for something. $1100 + a 450mhz machine I could do my Mac OS 9 stuff on. Link to comment Share on other sites More sharing options...
moeman Posted January 4, 2006 Share Posted January 4, 2006 Hotfix Link to comment Share on other sites More sharing options...
Kip Powick Posted January 6, 2006 Author Share Posted January 6, 2006 The windows Hotfix is now available for download and installation....if you do not have auto update and installation selected on your computer. If unsure if it is installed...go to Control Panel> add/remove programs> and look for Microsoft Hotfix KB912919 You might want to read this entire page to ascertain how to remove the previous "hotfix" that was generated by the "Storm Centre" if you did in fact install it until MS patch became available. (Most info near bottom of page) Storm Center Update Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.