http://www.frsirt.com/exploits/20051...etafile.pm.php
Printable View
Pffft. Easy work around tested by yours truly.
1. Click on the Start button on the taskbar.
2. Click on Run...
3. Type "regsvr32 /u shimgvw.dll" to disable.
4. Click ok when the change dialog appears.
When a patch is available, re-register the shimgvw.dll (regsvr32 shimgvw.dll).
Also, all you firefox users, you too can be hosed by this exploit. If you have the google toolbar installed you will be autopwn3d. I'm going to step through it in meh lab in the mornin.
--TH13
If I understand this correctly, this unregisters the shimgvw.dll as a command component from the registry, which will prevent Windows from using it. Not being able to use it, it won't be able to display pictures or faxes.Quote:
Originally posted here by thehorse13
Pffft. Easy work around tested by yours truly.
1. Click on the Start button on the taskbar.
2. Click on Run...
3. Type "regsvr32 /u shimgvw.dll" to disable.
4. Click ok when the change dialog appears.
When a patch is available, re-register the shimgvw.dll (regsvr32 shimgvw.dll).
Also, all you firefox users, you too can be hosed by this exploit. If you have the google toolbar installed you will be autopwn3d. I'm going to step through it in meh lab in the mornin.
--TH13
Will it still display icons, though? Basically, what does it break and how badly?
- X
shimgvw.dll is a library which contains COM functions used for image rendering. It's used when displaying images and/or faxes. If shimgvw.dll is unavailable, windows may not be able to display faxes or images. If this is not a problem for you, you can safely remove this file.Quote:
Will it still display icons, though? Basically, what does it break and how badly?
Hmmmm. That seems like it would break quite a bit, as the all your icons are image files, your system tray has image files, etc.Quote:
Originally posted here by thehorse13
shimgvw.dll is a library which contains COM functions used for image rendering. It's used when displaying images and/or faxes. If shimgvw.dll is unavailable, windows may not be able to display faxes or images. If this is not a problem for you, you can safely remove this file.
- X
It will not hurt your desktop icons, however, if you are a pr0n hound, you won't want to do this because you can't render image files.
Ok, cool. No problems there. :pQuote:
Originally posted here by thehorse13
It will not hurt your desktop icons, however, if you are a pr0n hound, you won't want to do this because you can't render image files.
This also works through the command prompt. I am trying to expoit my 'own' machine for learning purposes so every bit of information helps. Thanks CN22
Hello,
I just saw that Microsoft has released thier statement on this:
Well, that is reassuring. :verypisseQuote:
Microsoft is investigating new public reports of a possible vulnerability in Windows. Microsoft will continue to investigate the public reports to help provide additional guidance for customers.
...
Customers are encouraged to keep their antivirus software up to date. The Microsoft Windows AntiSpyware (Beta) can also help protect your system from spyware and other potentially unwanted software. We will continue to investigate these public reports.
...
Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This will include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.
You can find the whole article here: http://www.microsoft.com/technet/sec...ry/912840.mspx
-Deeboe
Damn...wont be implementing this fix, will go with Soda's. :oQuote:
Originally posted here by thehorse13
It will not hurt your desktop icons, however, if you are a pr0n hound, you won't want to do this because you can't render image files.
Thanks hoss.
FYI: We started filtering (stripping off) WMF attachments from emails as a precaution.
(...waits for patch from MS...)