Update on the WMF exploit – more sites to block



I haven’t checked to see if these are already on other block lists for the WMF exploit, but the following addresses are advised to be blocked (from f-secure)….

toolbarbiz[dot]biz
toolbarsite[dot]biz
toolbartraff[dot]biz
toolbarurl[dot]biz
buytoolbar[dot]biz
buytraff[dot]biz
iframebiz[dot]biz
iframecash[dot]biz
iframesite[dot]biz
iframetraff[dot]biz
iframeurl[dot]biz


The “unregister workaround” is the best at this point because it will prevent ANY file extension image being used to trigger the exploit. It is possible for other image types to be used.

1. Click Start, click Run, type “regsvr32 -u %windir%system32shimgvw.dll”
(without the quotation marks), and then click OK.
2. A dialog box appears to confirm that the un-registration process has succeeded.
Click OK to close the dialog box.
Impact of Workaround: The Windows Picture and Fax Viewer will no longer be started
when users click on a link to an image type that is associated with the Windows Picture and Fax Viewer.

From… f-secure reporting on MS security advisory.

Related Posts

Blog Traffic Exchange Related Posts
  • WMF exploit situation summary... Since there's been quite a bit of flux the last couple of days I thought I'd try to "reset" the situation and give a general overview of where we stand now with regards to the recent WMF zero-day exploit. 1st there is a vulnerability in the way Windows renders WMF......
  • Microsoft vulnerability whack-a-mole continues..... Translation - Microsoft patched one vulnerability another surfaces.... Incidents.org brings us the frustrating news.... If you remember the month of browser bugs series of exploits back in July, there was a denial of service there that appears to have code execution after all. Coincidence or not, it got publicly released......
  • WMF 0-day update Last night while I was in the midst of infecting a virtual machine, Microsoft issued a release that there's a "possible vulnerability"... fortunately, their technical document is a bit more straightforward... technet advisory here. Spyware Confidential also has a good roundup on the coverage so far. There's a bit more......
Blog Traffic Exchange Related Websites
  • 5 Free Security Softwares - Must Use Here are 5 Free Security Softwares that you can use to combat your fear against Adwares, Viruses, Trojans, etc. 1.Avast Home Edition: Best Free Antivirus Avast is one of the best antiviruses I recommend to my friends. It is free and has many features which many of the Antiviruses lack.......
  • How To Secure Your Wordpress Blog Security is always a major concern of bloggers and online business owners using a wordpress platform. Wordpress developers also emphasize a lot on security in every upgrade. However, even then vulnerabilities still occur. It can be your fault or your Web host fault. Before a hacker breaks into your wordpress......
  • 7 Tips for Printing Web Pages Printing web pages is very useful for many people. Business owners might need to print web orders or invoices. Online shoppers may print the confirmation page for a recent order. Also, people who pay bills online may print pages for their records. Whatever the reason, printing web pages can be......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site