how seriuos do I have to take the newest Windows flaw?
here in holland they are makeing a big deal out of this, its all over the news: quote: "the biggest Windows securety leak ever!"
How do I limeted risk?
should I download the unofficial patch?(the official Microsoft patch is due for the 10th)
any info welcome.
regards
wmf-leak
-
Counterparts
- Posts: 1963
- Joined: Tue Aug 19, 2003 4:00 pm
- Location: Bath, England
Take it very seriously. Do not use IE - merely viewing the file in IE means you will be infected. The exploit is in the Windows metafile header parsing, so if one of these files ends up anywhere on your HDD, and the system e.g. indexes it, or creates a thumbnail image from it, you are infected. If you do not use IE, do not e.g. click on one of these metafiles as this will lead to infection (but viewing the image will not infect you).virtualstudio wrote:
how seriuos do I have to take the newest Windows flaw?
here in holland they are makeing a big deal out of this, its all over the news: quote: "the biggest Windows securety leak ever!"
How do I limeted risk?
should I download the unofficial patch?(the official Microsoft patch is due for the 10th)
any info welcome.
regards
They can even pretend to be a jpeg image, for example. IE will correctly identify it as a metafile and then parse the file - bang, you're infected.
Do not open or view any images in suspect emails - delete them.
To be honest, you're best off using a Unix-flavoured system/browser for internet access at the moment!
Royston
-
Counterparts
- Posts: 1963
- Joined: Tue Aug 19, 2003 4:00 pm
- Location: Bath, England
The unofficial patch is available here:
http://www.hexblog.com/index.html
If you use IE to browse t'internet, I would strongly recommend installing this patch.
http://www.hexblog.com/index.html
If you use IE to browse t'internet, I would strongly recommend installing this patch.
-
virtualstudio
- Posts: 451
- Joined: Tue Jun 11, 2002 4:00 pm
- Location: Terranova-Amsterdam
the offical http://www.microsoft.com/athome/securit ... 1_WMF.mspx is there to, it came earlyer.
-
paulrmartin
- Posts: 2445
- Joined: Sun May 20, 2001 4:00 pm
- Location: Montreal, Canada
Why do people still use IE?
I mean, there's been something like 1 major flaw, backdoor, hole and whatnot found in it every week since Windows has been available.
It kind of reminds me of a scene in the Simpsons where Lisa puts electricity on some muffins and Bart keeps trying to grab them, saying ouch every time but still incapable of grasping the concept that something's wrong with them.
RedSun .:.
I mean, there's been something like 1 major flaw, backdoor, hole and whatnot found in it every week since Windows has been available.
It kind of reminds me of a scene in the Simpsons where Lisa puts electricity on some muffins and Bart keeps trying to grab them, saying ouch every time but still incapable of grasping the concept that something's wrong with them.
RedSun .:.
Indeed.
IE is the biggest piece of dog poo ever to be squeezed from the old dog's filthy bottom.
Microsoft chiefs have shot one massive hole in their own companies feet through not helping & cooperating with the web community (specifically W3C) Through sloppy workmanship in general & in the case of IE on the web, threough not updating the software regularly enough with clean support of up to date web standards.
IE SUCKS .. big salty boll**ks
IE is the biggest piece of dog poo ever to be squeezed from the old dog's filthy bottom.
Microsoft chiefs have shot one massive hole in their own companies feet through not helping & cooperating with the web community (specifically W3C) Through sloppy workmanship in general & in the case of IE on the web, threough not updating the software regularly enough with clean support of up to date web standards.
IE SUCKS .. big salty boll**ks
Spirit, it's not FF to blame for that, it's actually Microsoft. Due to Microsoft & IE's lack of support for current web standards, web developers are having to do all sorts of 'workarounds' in their code to get todays code standards to display & funtion correctly in IE which hasn't seen a suitable update outside security for *YEARS*. This results in people trading off & saying, well if so many people are still using IE, I should probably code my site to work on that first & foremost ... wrong
Microdollar are being left behind with petted lips on this one with their crappy old browser, while Mozilla, Opera & Safari on the Mac, run away with the future of web browsing
Microboz are screwed in this respect unless they monopolise even more of the industry, which is a horrid but realistic thought.
Microdollar are being left behind with petted lips on this one with their crappy old browser, while Mozilla, Opera & Safari on the Mac, run away with the future of web browsing
Microboz are screwed in this respect unless they monopolise even more of the industry, which is a horrid but realistic thought.
-
Counterparts
- Posts: 1963
- Joined: Tue Aug 19, 2003 4:00 pm
- Location: Bath, England
I have finally found a browser that I like, and it's Mozilla.
I don't like IE because of security issues, mainly (and hey, it's by Microsoft). No tabbed browing either, which is a must as far as I'm concerned.
I don't like FireFox as it's such a *huge* resource hog and recently has had some serious security issues of its own.
I don't like Opera very much either - it tends to crash and is only compatible with about 10% of the internet :/
Mozilla simply works and doesn't cause me to tear my hair out or swear at my computer.
I think the current version is 1.7.12 - try it out, you might be pleasantly surprised.
Royston
<font size=-1>[ This Message was edited by: Counterparts on 2006-01-06 06:14 ]</font>
I don't like IE because of security issues, mainly (and hey, it's by Microsoft). No tabbed browing either, which is a must as far as I'm concerned.
I don't like FireFox as it's such a *huge* resource hog and recently has had some serious security issues of its own.
I don't like Opera very much either - it tends to crash and is only compatible with about 10% of the internet :/
Mozilla simply works and doesn't cause me to tear my hair out or swear at my computer.
I think the current version is 1.7.12 - try it out, you might be pleasantly surprised.
Royston
<font size=-1>[ This Message was edited by: Counterparts on 2006-01-06 06:14 ]</font>
This flaw affects any browser including
Firefox and Mozilla. Listen to security now.
http://www.grc.com/securitynow.htm
Patch here:
http://www.grc.com/sn/notes-020.htm
Firefox and Mozilla. Listen to security now.
http://www.grc.com/securitynow.htm
Patch here:
http://www.grc.com/sn/notes-020.htm