WMF Exploit


Re: WMF Exploit Posted by Forceflow on Wed Jan 4th 2006 at 6:56pm
2420 posts 451 snarkmarks Registered: Nov 6th 2003 Occupation: Engineering Student (CS) Location: Belgium
A flaw has been discovered in the WMF (Windows Meta File) component of Microsoft's popular OS. Just browsing to a dodgy website or following links on MSN or in e-mails can lead to trojan/worm infection. Exploit code is out in the wild, that's the problem.


MS will be releasing a patch on the 10th of January, claiming that the patch (which is finished, as we speak) should undergo major testing before it's released. A lot of people (including me) claim that it is absolutely necessary to release it now anyway. Compatibility problems are a lesser category compared to the consequences of trojans. You can download Ilfak Guilfanov's hotfix (an unofficial one, but it's perfectly safe, read all about it here), which should resolve the problem until the official patch arrives.



Again, I strongly recommend installing this temporary fix.


People using Win95, 98 or ME are screwed, by the way. No patch will be released by Microsoft, which is in fact a shallow way of forcing people to buy yet another +100$ version of their product.

:: Forceflow.be :: Nuclear Dawn developer
Re: WMF Exploit Posted by Gwil on Wed Jan 4th 2006 at 7:02pm
super admin
2864 posts 315 snarkmarks Registered: Oct 13th 2001 Occupation: Student Location: Derbyshire, UK
Ooh a fix :smile: I posted about this ( http://www.snarkpit.net/forums.php?forum=1&topic=6309&8 ) already. There's another workaround too... digs up

just been taking a look at this and just in case anyone didn't realise (I didn't) the exploit doesn't work if you're running DEP... you can check that DEP is switched on by going to
control panel > system > advanced > performance > settings
Data Execution Prevention

DEP requires Windows XP with Service Pack 2 and either an Athlon64, Sempron with nxBit, and any Pentium with EM64T or Celeron with nxBit. Anything purchased within the last 18-12 months should have this, but socket A Semprons and some Intel stuff are still at risk.
Re: WMF Exploit Posted by fishy on Wed Jan 4th 2006 at 7:51pm
member
2623 posts 1476 snarkmarks Registered: Sep 7th 2003 Location: glasgow
cheers forceflow. better to be safe than sorry.
i eat paint
Re: WMF Exploit Posted by Forceflow on Wed Jan 4th 2006 at 8:03pm
2420 posts 451 snarkmarks Registered: Nov 6th 2003 Occupation: Engineering Student (CS) Location: Belgium
It is said that after MS releases the patch, you can uninstall this thing (in the config screen, software part) before or after you did the Windows Update, but I'd suggest uninstalling it before that.

To quote the creator of this fix:
You may uninstall the fix before or after this fix from Microsoft. The
fix is written in a way that if it sees that the system has changed and
became incompatible, it will not interfere with the normal workflow.

:: Forceflow.be :: Nuclear Dawn developer
Re: WMF Exploit Posted by Loco on Thu Jan 5th 2006 at 12:04am
member
615 posts 121 snarkmarks Registered: Aug 29th 2003 Occupation: Student Location: UK
According to the BBC we may have to wait another week for an official fix:
http://news.bbc.co.uk/1/hi/technology/4580852.stm
My site
Re: WMF Exploit Posted by OtZman on Thu Jan 5th 2006 at 12:26am
member
1890 posts 218 snarkmarks Registered: Jul 12th 2003 Occupation: Student Location: Sweden
Thanks for posting Forceflow. If this fix is just as good as the one MS will release I could just as well keep this one.
What the Snarkpitters listen to!
Re: WMF Exploit Posted by DrGlass on Thu Jan 5th 2006 at 1:37am
member
1825 posts 632 snarkmarks Registered: Dec 12th 2004 Occupation: 2D/3D digital artist Location: USA
Just another reason never to click any links or go to any website other than snarkpit and wikipedia...
Re: WMF Exploit Posted by rs6 on Thu Jan 5th 2006 at 1:47am
member
640 posts 94 snarkmarks Registered: Dec 31st 2004 Occupation: koledge Location: New Jersey, USA
<3 my AMD64 with DEP.
Re: WMF Exploit Posted by Forceflow on Thu Jan 5th 2006 at 8:35am
2420 posts 451 snarkmarks Registered: Nov 6th 2003 Occupation: Engineering Student (CS) Location: Belgium
I also have an AMD64, but I installed the patch anyway. Yet again, better safe than sorry.
:: Forceflow.be :: Nuclear Dawn developer