Third Party WMF patch



The F-secure blog is reporting on a third party patch for the WMF exploit. I have not tested it, it seems to come from a knowledgable source though. As I’m writing this though, the thought strikes me that a really nasty trick would be a claimed fix that actually exploited the vulnerability. It pays to check up on the source of ANY third-party fix for Windows (or any other operating system or software suite…) Anyway, this seems to be a good source though. He’s the primary author of IDA Pro (Interactive Disassembler Pro).


For someone htat’s REALLY anxious for a fix other than the unregister workaround this looks like a good option. He describes it in the blog post linked to above. It basically is a dll that hooks into user32.dll and disables the SETABORT escape sequence in gdi32.dll

His fix is currently available only for Windows XP SP2 (64-bit as well) it will have an entry in add/remove programs. He suggests to remove it 1) if you have any problems with it and 2) when Microsoft patches the bug. In other words, when MS patches the problem uninstall this and install their patch.

It does not cause the problems with image browsing that the registry workaround does. He’s also asking for input on any experience with the patch (i.e. does this break anything?) The expected disclaimers for this apply…. (no responsibility for system breakage – read and decide for yourself if you want to try this.)

Related Posts

Blog Traffic Exchange Related Posts
  • How to Remove PC Scout | PC Scout Removal Guide PC Scout is another rogue application with a similar look and feel to the Windows Security Center. (It's also apparently a clone of the same family as ActiveSecurity (ActiveSecurity Removal) It likely installs through malware and the use of web popups. Once it's installed on your system it tries to......
  • Firefox zero-day vulnerability (or is it?) I saw a comment somewhere else that zero-day was overused and in essense ANY previously unknown vulnerability in open source software is technically zero day... the intent here though is to use the word in this context.... "vulnerability has been released without giving the vendor an opportunity to patch..." Yes,......
  • WMF exploit situation summary... Since there's been quite a bit of flux the last couple of days I thought I'd try to "reset" the situation and give a general overview of where we stand now with regards to the recent WMF zero-day exploit. 1st there is a vulnerability in the way Windows renders WMF......
Blog Traffic Exchange Related Websites
  • IBP Software Review search engine optimizationThe IBP software is very popular with big companies. Some of the companies known using it have been Ebay and Caterpillar but what is more important is how is it going to benefit you? The main benefits that the company claims is that it is a full SEO......
  • The elusive nature of happiness, part 1 I got a chance to read a bit on the flight we took recently. The US Airways September 2007 issue had some insights on happiness worth thinking about. The editor, Lance Elko, began the issue with his own letter in which he quoted: Happiness is a mystery, like religion, and......
  • Finovate Demos - Part 1 Here are some updates from the first batch of demos at Finovate. Authentium - Safe Central makes keystroke loggers or screenshot grabbers “blind.” Runs on top of Firefox. Prevents man in the middle and phishing. Credit Karma - Free credit score tracking using their proprietary scoring system. Cons are that......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site