Tag: DLL

  • Workaround for zeroday WMF exploit

    It’s worth repeating a few things here. There is a nasty exploit in the way that WMF images are parsed in Windows. This means that WITHOUT user intervention a system can be remotely exploited and through that exploit various software (spyware, viruses, other malware) can be installed. There is no patch at this moment, and I don’t know of many AV vendors that detect it (f-prot seems to, according to their blog posts). There is a workaround TO PREVENT INFECTION. If the system is already infected, reinstallation may be the only solution.

    (more…)

  • More on the Windows WMF zero-day exploit

    There seems to be quite a bit developing on the Windows Meta File (WMF) zero-day (0-day) exploit which was first reported yesterday. SANS has raised their alert level to yellow in an effort to get attention to this problem. It looks like the original site serving the exploit is down, but now it’s being served from MANY places. Here are more details from F-Secure…

    (more…)

  • Disinfecting a PC… part 6

    OK, it’s BHOdemon time… installed from CD and on starting:

    BHOdemon bhotb-all.html not found, no web connection downloading on other machine.

    Finally got it to work by copying the file from another machine. But I had to change Windows ME to show full filenames to help troubleshoot why it couldn’t find the file (a naming problem). There seems to be a strange display problem in the “don’t hide file extensions” settings menu: I can’t see the check boxes or the checkmarks. I managed to toggle them “blind” to show file extensions…

    (more…)

  • Disinfecting a PC… part 1

    This is the first in a several-part series documenting the cleaning of an infected PC. The only real noteworthy item is that it was a dial-up only connection and was rather infested for that. (On par with some of the broadband-connected PCs I’ve seen. It’s also an interesting counterpoint to the network security series.)

    (more…)

  • Update on Internet Explorer Zero Day exploit

    Yesterday I mentioned a SANS report on a possible zero day exploit against Internet Explorer. Today they have more details in the handlers diary. Among other things SANS has issued a patch for it.

    (more…)