December 29th, 2005, 02:52 PM #1
WARNING-New Windows Exploit! PATCH RELEASED!
Internet Storm Center has given it the status "Infocon Yellow", so it's damn serious. Since a few days a new exploit is infecting many PC's that use "Windows".
Microsoft has not released a patch for it yet, so be careful on which links you click when visiting unknown sites!
If you suddenly see a pop-up that asks you if you want to look at something via the "Windows Picture And Faxviewer", just DON'T CLICK ON IT!
Here's a little movie that shows what happens if you do (it's from websensesecuritylabs.com, so it's safe!) It's a direct link, so it will open your WMA-player.
December 29th, 2005, 03:54 PM #2
Microsoft has a workaround: http://www.microsoft.com/technet/sec...ry/912840.mspx
To un-register Shimgvw.dll, follow these steps:
1. Click Start, click Run, type "regsvr32 -u %windir%\system32\shimgvw.dll" (without the quotation marks), and then click OK.
2. A dialog box appears to confirm that the un-registration process has succeeded. Click OK to close the dialog box.
Impact of Workaround: The Windows Picture and Fax Viewer will no longer be started when users click on a link to an image type that is associated with the Windows Picture and Fax Viewer.
To undo this change, re-register Shimgvw.dll by following the above steps. Replace the text in Step 1 with “regsvr32 %windir%\system32\shimgvw.dll” (without the quotation marks).
January 3rd, 2006, 04:26 PM #3
Microsoft will probably release an official patch around the 10th of january. They're also warning not to use the unofficial patch that's circulating on the net and that's written by an external expert.
Watch out folks this is serious stuff!
January 4th, 2006, 04:20 PM #4
January 6th, 2006, 05:07 PM #5