Welcome, Guest. Please Login 3dfx Archive
 
  HomeHelpSearchLogin  
 
Page Index Toggle Pages: 1
Send Topic Print
WINDOWS EXPLOIT ALERT!!! (Read 347 times)
NitroX infinity
YaBB Moderator
*****
Offline



Posts: 1936
The Netherlands
Gender: male
WINDOWS EXPLOIT ALERT!!!
02.01.06 at 22:20:20
 
Read:

http://isc.sans.org/diary.php?date=2006-01-01

http://www.hexblog.com/2005/12/wmf_vuln.html

Download & Install:

http://www.hexblog.com/security/files/wmffix_hexblog13.exe

For those who don't understand, I'll type an explanation shortly, needed to get this up first.

Explanation:

There is a serious flaw in EVERY Windows version since Windows 3.0. The flaw is located in the code which deals with the so-called Windows Meta Files.
It allows another person to take over your computer quite easily. There is NO official fix from Microsoft, your are NOT safe with XP SP2. This exploit affects EVERY Windows version!.

Install the patch from the download link and you're safe for the meantime. Once Microsoft releases a fix, you should uninstall this unofficial one and then install Microsoft's fix.

If you've opened a file called HappyNewYear.jpg (received through email) than you are already infected!
I suggest you re-install Windows completely in that case.

Sorry for the shouting in the title, but this is serious enough to warrant it.
Back to top
« Last Edit: 02.01.06 at 22:49:11 by NitroX infinity »  
WWW  
IP Logged
 
NitroX infinity
YaBB Moderator
*****
Offline



Posts: 1936
The Netherlands
Gender: male
Re: WINDOWS EXPLOIT ALERT!!!
Reply #1 - 02.01.06 at 22:39:16
 
I'm bumping this one so it shows in the 'Last Updated Topic' on the forum-index.
Back to top
« Last Edit: 02.01.06 at 22:39:28 by NitroX infinity »  
WWW  
IP Logged
 
Chosen_One
Senior Member
****
Offline


Keeper of the BIOS-files...

Posts: 499
Germany
Gender: male
Re: WINDOWS EXPLOIT ALERT!!!
Reply #2 - 02.01.06 at 23:04:11
 
Quote:
If you've opened a file called HappyNewYear.jpg (received through email) than you are already infected!


i unregged the dll Wink
sorry...but i would not open a file with this obvious name!
Back to top
 
WWW  
IP Logged
 
NitroX infinity
YaBB Moderator
*****
Offline



Posts: 1936
The Netherlands
Gender: male
Re: WINDOWS EXPLOIT ALERT!!!
Reply #3 - 03.01.06 at 11:05:45
 
Not advisable to just 'unregister' the DLL since it can be 're-registered' by outside sources. Your approach is not a completely safe one.
Back to top
 
WWW  
IP Logged
 
Chosen_One
Senior Member
****
Offline


Keeper of the BIOS-files...

Posts: 499
Germany
Gender: male
Re: WINDOWS EXPLOIT ALERT!!!
Reply #4 - 03.01.06 at 21:04:51
 
oh...in this case of terror i will do something else...

i will use my rationality and do not open every file i get...and my spam filter is very well trained Wink
Back to top
 
WWW  
IP Logged
 
FalconFly
YaBB Administrator
*****
Offline


3dfx Archivist

Posts: 2445
5335N 00745E
Gender: male
Re: WINDOWS EXPLOIT ALERT!!!
Reply #5 - 03.01.06 at 21:41:13
 
Yep, a good Firewall and Common Sense are still the best defenses...
Back to top
 
WWW  
IP Logged
 
Obi-Wan_Kenobi
Ex Member


Re: WINDOWS EXPLOIT ALERT!!!
Reply #6 - 03.01.06 at 22:22:06
 
well I installed that file requested in this topic still no odd things hehe , but with a hardware Firewall I'm safe here Smiley But I installed it t be extra sure for safty Wink that shouldn't be a prob I suppose.
Back to top
« Last Edit: 03.01.06 at 22:22:40 by N/A »  
 
IP Logged
 
paulpsomiadis
God Member
*****
Offline


-=3Dfx still rox!=-

Posts: 2011
Newcastle U.K.
Gender: male
Re: WINDOWS EXPLOIT ALERT!!!
Reply #7 - 04.01.06 at 00:58:47
 
The site where the fix is located has gone down due to HUGE bandwith overload! Sad

Does anyone have a mirror link? (or better still - can mirror the file?) ???
Back to top
 

-=To MOD or not to MOD, that is a DUMB question - just MOD it!=-&&&&+May God stand between you and harm in all the empty places you must walk.+
themadhaxor  
IP Logged
 
NitroX infinity
YaBB Moderator
*****
Offline



Posts: 1936
The Netherlands
Gender: male
Re: WINDOWS EXPLOIT ALERT!!!
Reply #8 - 04.01.06 at 01:10:00
 
Back to top
 
WWW  
IP Logged
 
TM30
God Member
*****
Offline



Posts: 1108
Germany
Gender: male
Re: WINDOWS EXPLOIT ALERT!!!
Reply #9 - 04.01.06 at 01:25:10
 
hehe and when this "fix" is the virus  Roll Eyes

... just joking  Grin
Back to top
 
 
IP Logged
 
paulpsomiadis
God Member
*****
Offline


-=3Dfx still rox!=-

Posts: 2011
Newcastle U.K.
Gender: male
Re: WINDOWS EXPLOIT ALERT!!!
Reply #10 - 04.01.06 at 19:41:31
 
If people are squeamish...then here's a more reliable link.

http://handlers.sans.org/tliston/WMFHotfix-1.1.14.msi
Back to top
 

-=To MOD or not to MOD, that is a DUMB question - just MOD it!=-&&&&+May God stand between you and harm in all the empty places you must walk.+
themadhaxor  
IP Logged
 
Page Index Toggle Pages: 1
Send Topic Print