Classic tech archive.
From the original averyjparker.com tech blog — historical context; pair with modern guides where noted.
Full archive · Maker projects ·
Network Ninja
Classic tip · Classic
Update on the WMF exploit - more sites to block
I haven't checked to see if these are already on other block lists for the WMF exploit, but the following addresses are advised to be blocked (from f-secure).... toolbarbizbiz toolbarsitebiz toolbart…
I haven't checked to see if these are already on other block lists for the WMF exploit, but the following addresses are advised to be blocked (from f-secure)....
toolbarbizbizThe "unregister workaround" is the best at this point because it will prevent ANY file extension image being used to trigger the exploit. It is possible for other image types to be used.
toolbarsitebiz
toolbartraffbiz
toolbarurlbiz
buytoolbarbiz
buytraffbiz
iframebizbiz
iframecashbiz
iframesitebiz
iframetraffbiz
iframeurlbiz
1. Click Start, click Run, type "regsvr32 -u %windir%\system32\shimgvw.dll" (without the quotation marks), and then click OK.From... f-secure reporting on MS security advisory.
2. A dialog box appears to confirm that the un-registration process has succeeded. Click OK to close the dialog box.
Impact of Workaround: The Windows Picture and Fax Viewer will no longer be started when users click on a link to an image type that is associated with the Windows Picture and Fax Viewer.