Build Your Own Arcade Controls Forum
Main => Everything Else => Topic started by: mr.Curmudgeon on January 02, 2006, 01:26:32 pm
-
This is bad. Tomorrow, everyone goes back to work and fires up their systems...security specialists around the web fear a major meltdown.
It's embedded in image (.wmf) files and takes advantage of an exploit in IE. So simply viewing any page containing malicious code will infect your system. Very nasty.
Info:
http://isc.sans.org/diary.php?storyid=994
http://www.metafilter.com/mefi/47964
http://www.microsoft.com/technet/security/advisory/912840.mspx
So far, Microsoft has absolutely NO official solution (big surprise). But in the meantime, there are several things you can do.
1) Run firefox. It's immune to this particular exploit.
2) Unregister the vulnerable .dll.
- Disable: Start > Run > regsvr32 /u shimgvw.dll
- After MS releases a patch you can restart it like so:
- Enable: Start > Run > regsvr32 shimgvw.dll
UPDATE: Some are saying that this doesn't protect you from the latest version of the exploit. :(
3) Reassign .wmf files to notepad.
4) Install third-party patch. (LINK (http://www.grc.com/sn/notes-020.htm))
- It's from Gibson Research. Trusted source.
5) Buy a mac.
Anyone else got any ideas?
mrC
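
Added example, not part of the original thread: a filter that wants to find WMF content (for instance to quarantine it on a mail gateway or file share) can classify files by their header bytes instead of the .wmf extension, since a file name is whatever the sender chose. The sketch below checks the documented placeable and standard metafile header layouts; the sample files and their names are constructed for illustration.

```python
import struct

PLACEABLE_KEY = 0x9AC6CDD7   # magic of the optional 22-byte "placeable" header
PLACEABLE_LEN = 22
META_HEADER_LEN = 18         # standard metafile header that every WMF carries


def is_meta_header(buf):
    """True if buf starts with a plausible standard WMF header."""
    if len(buf) < META_HEADER_LEN:
        return False
    mtype, hdr_words, version = struct.unpack_from("<HHH", buf, 0)
    # type 1 = memory, 2 = disk; header is always 9 words; version 1.0 or 3.0
    return mtype in (1, 2) and hdr_words == 9 and version in (0x0100, 0x0300)


def classify_wmf(data):
    """Return 'placeable', 'standard' or None for a file's leading bytes."""
    if len(data) >= PLACEABLE_LEN:
        (key,) = struct.unpack_from("<I", data, 0)
        if key == PLACEABLE_KEY:
            words = struct.unpack_from("<11H", data, 0)
            checksum = 0
            for w in words[:10]:      # checksum is the XOR of the first ten words
                checksum ^= w
            if checksum == words[10] and is_meta_header(data[PLACEABLE_LEN:]):
                return "placeable"
            return None               # magic present but header is inconsistent
    return "standard" if is_meta_header(data) else None


def scan(files):
    """files: mapping of name -> bytes. Return the names whose content is WMF."""
    return sorted(name for name, blob in files.items() if classify_wmf(blob))


def sample_meta_header():
    # Constructed: 9-word header, version 3.0, size 9 words, no objects/records
    return struct.pack("<HHHIHIH", 1, 9, 0x0300, 9, 0, 0, 0)


def sample_placeable():
    # Constructed: 100x100 bounding box at 1440 units per inch, valid checksum
    body = struct.pack("<IH4hHI", PLACEABLE_KEY, 0, 0, 0, 100, 100, 1440, 0)
    checksum = 0
    for w in struct.unpack("<10H", body):
        checksum ^= w
    return body + struct.pack("<H", checksum)


# Constructed sample inputs: extension and content deliberately disagree in one.
SAMPLES = {
    "chart.wmf": sample_meta_header(),
    "picture.jpg": sample_placeable() + sample_meta_header(),
    "photo.jpg": b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x00" * 16,
    "notes.txt": b"plain text, not an image\n",
}

if __name__ == "__main__":
    print(scan(SAMPLES))
```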
-
Another wonderful reason to use FireFox.
-
Additional step: Turn off Google Desktop for the time being.
mrC
-
I'm at work right now, and have blocked all outgoing web traffic (port 80 and 443 at least) at the corporate firewall. Even still, I'm not expecting tomorrow to be pretty.
-
I'm glad I have the day off. (and that I use Firefox)
We'll see, tomorrow, if this is overhyped.
mrC
-
this thing has been out for a month now...They told us to refrain from using IE at that time....
-
this thing has been out for a month now...They told us to refrain from using IE at that time....
I think the major issue now is that security specialists have recently caught upwards of 10 exploits in the wild. A vulnerability is one thing, but now people are punching through it.
I can't believe MS hasn't issued a patch, given what you've said above.
mrC
-
What is this virus/worm/trojan expected to do that is so terrible?
-
I don't remember exactly what the e-mail all stated but they basically said not to use IE until further notice and have sent reminders weekly about it.
as far as a MS patch I'm thinking MS sent one out a week and 1/2 to two weeks ago but it didn't help....
-
What is this virus/worm/trojan expected to do that is so terrible?
Via Microsoft: "An attacker who successfully exploited this vulnerability could gain the same user rights as the local user."
So basically, much like other worms/viruses...remote users gain control of any number of systems for their own nefarious purposes. This virus is different in that all you have to do is simply look at an infected image to get it. The fear is that it may spread quickly and stealthily.
The fact that Microsoft hasn't taken steps to correct it yet, by releasing a patch, is really the biggest issue.
mrC
-
FedoraTime!
-
Hmmmm....and now it seems, with the more I read, that not even Firefox may be 100% safe (since, it too utilizes GDI, where the vulnerability lies). Haven't been able to confirm this yet.
But there's this: "Firefox and Thunderbird WILL PROBABLY make you safer. Mozilla apps use their own image rendering libraries, and you would have to download and open a WMF file (which you would be prompted to do in recent versions - FF 1.5 to be safe) to be infected. So you would not be AUTOMATICALLY infected with recent versions of Firefox."
mrC
-
Yay! I already have FF 1.5 and TB 1.0.7!
-
What is this virus/worm/trojan expected to do that is so terrible?
Mess up your computer, give you crabs, bad breath, dysentery, and double the offensiveness of your body odor.
Women may also find you unattractive.
-
Can somebody post an infected picture so I can see what it does to my network? :)
-
Can somebody post an infected picture so I can see what it does to my network? :)
I'd e-mail this to as many people as possible within your network. Mebbe if they see what can happen if this virus hits their PC, they'll think twice about ever using the intar-webs
(http://www.abimelec.com/Images/PCCPScopier.jpg)
-
What is this virus/worm/trojan expected to do that is so terrible?
Mess up your computer, give you crabs, bad breath, dysentery, and double the offensiveness of your body odor.
-
this thing has been out for a month now...They told us to refrain from using IE at that time....
Where I work, we are only allowed to use IE. Any other browser is blocked at the personal firewall level and we don't have admin rights to our own boxes in order to change that.
-
I don't know why Microsoft just don't release a security patch with added Chuck Norris.
-
I don't know why Microsoft just don't release a security patch with added Chuck Norris.
Bill Gates doesn't want to pay brazilians of dollars just to improve his patch-fu when he can just keep fixing his stuff just enough to make you think it's ok.
Chuck Norris has sent him a letter telling him he can't use his name either ;D
-
For once, I got nothing to fear at work.
Our network is so complex and congested, the users have trouble accessing let alone viruses.
I'd be more worried for the virus if it managed to get past our 'security' measures.
-
You could always "back porch" your keyboard and put a stop to any wrong-doing.
-
I prefer to smash it across the back of a lower-class employee's head.
-
Temporary patch -=here (http://www.grc.com/sn/notes-020.htm)=-
-
Silly naive people.
There is no money in making software.
There is money in supporting software.
-
Grr....I hate these people. I don't have time for this right now. I patched all the PC's in the smaller of my two biggest offices, but I can't get to my biggest office until this afternoon and that's about 60-70 workstations. Please let it be a slow internet day at work today.
-
The first day back from the holiday season? You'll be lucky if the average net surf time today is less than 6 hours.
-
Silly naive people.
There is no money in making software.
There is money in supporting software.
Are you sure that's not supposed to be about printers?
-
That's supposed to be about life.
-
Mission told me I skuc at teh lyf. Is that the same thing?
-
No, teh lyf is different from life.
-
Blame Bush. Actually, no, this time I will blame Gore, since he invented the Internet.
Here's a post from another forum I frequent
Apply the patch and be protected...... This is a third party patch we have tested at 3 campuses (UCLA, UC Santa Barbara and here). Microsoft won't release one until next week. Install this one now if you want immediate protection. I am doing a release of this patch to 5000 users as we speak at University California Riverside where I work.
Link to the patch (http://isc.sans.org/diary.php?storyid=1010)
You can send me questions about this if you want at larry@ucr.edu
Take care forum members,
Larry McGrath
*edit* I use Opera so I don't have to worry about this thing :)
-
I hear Bush made the virus reports, then made a "patch" which really is a virus, and is now laughing his ass off while everyone rushes to install his new virus to protect themselves from his hoax virus.
Bush is a clever one, that Bush.
-
God, what a bunch of pathetic Bush haters! You are blinded by your rage! Can you think of nothing else?
mrC
-
I blame Bush for your congenital inability to be funny.
-
I blame Bush for your congenital inability to be funny.
Panties bunched much?
mrC
-
Say panties bunched much 5 times fast.
-
Panties bunched
Panties bunched
Panties bunched
Panties munched
Panties munched
-
See? Knew that would happen.
-
God, what a bunch of pathetic Bush haters! You are blinded by your rage! Can you think of nothing else?
mrC
I often find myself pondering Socrates' immortal words "I drank what?"
And sometimes I wonder if you could travel the speed of light in your car, would your headlights work?
-
I often find myself pondering Socrates' immortal words "I drank what?"
And sometimes I wonder if you could travel the speed of light in your car, would your headlights work?
Val Kilmer was funny back then...
-
And sometimes I wonder if you could travel the speed of light in your car, would your headlights work?
is it day or night time?
-
I blame Bush for your congenital inability to be funny.
I thank Bush that MrC's congenitals are friggen hilarious. It's not been declared, but the disfigurement of them is obviously Bush's fault.
-
So he has that same problem that ---Smurfette--- has?
-
ok, i just woke up from a nightmare that i'd been infected. i tried to find this friggin thread the whole dream, but the virus had blocked access to all the helpful sites. if it's anything like this dream, be scared.
so i first noticed something was up when my desktop and start menu had been converted to a windows 95 display. i checked the display settings to see if my graphics card had been turned down, but i couldn't access that. i was in a panic when i saw an icon at the top right that said "delete trojan." i was hesitant at first, but i thought might as well delete it if i can. this window showed me how many files were being deleted, and i got concerned after the system files row kept increasing even after the virus files were removed. i shutdown my computer, and the start menu links only showed the original ones from windows 95. at this point, i kind of knew i was f-ed and steaming at whoever used IE.
firefox was unusable also, so i decided to search my trailer park for working computers to fix the problem. every computer i touched turned to crap and may already have been infected. i managed to do a google search that turned up only 25 results, and i still couldn't access this thread. i knew i was at the point of no recovery when the dancing woman gif appeared all over my screen.
well, it turns out that the working computers were on the side of the bowl game team that was winning. i decided to do battle against the dudes from the madden show, even though my side was down by 3 touchdowns. i got within a touchdown when i decided to try to use their computers, but i got all confused as the dream ended.
this may not even be the worst thing that can happen...
-
That's plain sad.
As for that fix that MrC posted. Does that make Picture and Fax Viewer not work?
-
insert random and odd spewing of crap that makes less sense than a saddle on a snail
fIXt
-
i think any 10-year-old with a working knowledge of a pc could understand that. was it the start menu that confused you?
-
You're being obstinate that he didn't listen to a random dream you had about crap that doesn't concern him?
-
Ahh! Virus is coming! End of the internets! USA can't win war in Iraq! Ahhh! Kennedy is going to retire! NO!!!
Art
-
Kennedys don't retire, they die in office.
-
oh, that's so cold.
-
Uncalled for, too, since the first two were actually good men.
Ted, however, is going to be in office until his liver explodes, decompose in his chair, and somehow still get reelected by the idiots of this state.
-
I thank Bush that MrC's congenitals are friggen hilarious. It's not been declared, but the disfigurement of them is obviously Bush's fault.
I've already asked you before to stop peeking under my dress!
mrC
-
Ahh! Virus is coming! End of the internets! USA can't win war in Iraq! Ahhh! Kennedy is going to retire! NO!!!
Art
So you support preemptive war, but not preemptive virus protection? Interesting philosophy you've got there. Very well-rounded.
Btw, you do realize that almost every single post you've had recently has something to do with Mr.Bush or politics, right? (And you say I'm obsessed)
mrC
-
So you support preemptive war, but not preemptive virus protection? Interesting philosophy you've got there. Very well-rounded.
Not sure I have a philosophy. That sounds so grown up.
Btw, you do realize that almost every single post you've had recently has something to do with Mr.Bush or politics, right? (And you say I'm obsessed)
mrC
Yeah. Now you understand what the rest of us think of you. Thanks for feeling our pain.
Art
-
Yeah. Now you understand what the rest of us think of you. Thanks for feeling our pain.
"The rest of us", as in, the few conservative, right-wingers? Who mostly seem like a bunch of reactionary apologists; sore at any critique at all of Republican leadership, and simply "feel bad" for Bush. I mean, for God's sake, ChadTower directly stated as much, when he hasn't cloaked it in the guise of "defending the office of the Presidency."
Quote: "Most of the reason I defend him, when I do, is because I get sick of all of the one note idiots out there screaming "BUSH BAD BUSH BAD"." (I mean, how's that for validity?)
I've lately only been replying to sucker-punch comments from you righties...so if you have a problem discussing politics, stop posting about politics. These inane attacks are only fueling my posts. You guys are now a bad parody of what you claim to despise. You guys are, like, preemptively defending Bush now. It's hilarious. I couldn't care less about Bush...he's toast, lame-duck. Whether the Dems can (or should) step up to fill the void in leadership left by the thoroughly corrupt GOP remains to be seen, but either way....it's you guys that haven't been able to let go of the politics (I mean, what does me being a Liberal have to do with getting married, researching moths, etc) and I'm going to hazard a guess it's because you're so bitter about the way things are going for your party lately.
I'll post less political responses, but only when you stop derailing threads to post unwarranted attacks on my ideology. Otherwise, stop whining about it and expect more of the same.
If you were doing it in jest, that'd be one thing...but now it just seems as bitter as any of this mythical "Bush Bashing" that gets you so upset.
mrC
-
Yes, let's stop with the sucker punching.
Us warmongers are far better at carpet bombing.
Look, dude, no one really has a problem with Bush bashing. All you have to do is post about something else once in a while. It would be particularly effective if you did it outside of EE. That is what people used to ask of you.
-
Look, dude, no one really has a problem with Bush bashing.
-
All you have to do is post about something else once in a while.
And I have...but it hasn't stopped the whining. Please stop the whining, that's all I ask of you guys. Whether or not I post in EE or elsewhere, really shouldn't be any of your concern.
EDIT: Unless we can get you a little orange vest and hat!
(http://www.websoft-solutions.net/photos/NS-TV25-2T.jpg)
ChadTower: Post Patrol!
mrC
-
"The rest of us", as in, the few conservative, right-wingers?
No, everyone. I believe I speak for everyone, except those guys.
You can't see past politics at all. There are more than right/left wingers here. Most of us are arcade builders. I think YOU do fall into the Left only/no arcade category though.
You guys are now a bad parody of what you claim to despise.
mrC
The comedy cops are at it again.
Art
-
EDIT: Unless we can get you a little orange vest and hat!
(http://www.websoft-solutions.net/photos/NS-TV25-2T.jpg)
ChadTower: Post Patrol!
Dude, be better at this. I'm the Cop from the Village People, not the construction guy.
-
You can't see past politics at all. There are more than right/left wingers here. Most of us are arcade builders. I think YOU do fall into the Left only/no arcade category though.
So, in other words...you won't stop whining?
mrC
-
I'm not whining. I'm laughing my arse off.
I'll wait to see the new, politics-less arcade mrc.
Art
-
I'll wait to see the new, politics-less arcade mrc.
Wacka, wacka, wacka.... (http://forum.arcadecontrols.com/index.php?topic=44853.msg464948#msg464948)
(http://images.google.com/images?q=tbn:LyzKqmSHxxcJ:www.noticiasdot.com/publicaciones/2005/0505/2105/noticias/images/pacman-02.jpg)
mrC
-
Re: WARNING: Major Windows/IE Virus Hits the Internets!
What do you mean ? My internet too ?
-
Sooo.......I haven't been hearing anything about this. Did it turn out to be a "sky is falling" thing? I've heard of only one person connected with me in any way who got it. My wife called and said that one of her coworker's parents got the virus.
I managed to put that patch on all my computers by mid-Tuesday morning so if this thing really is serious I'm glad I headed it off. But the fact that I haven't heard anything about it makes me wonder how serious it really was.
-
My office is closed this week, so I have to wait and see. So far though, looks like it's blown over.
mrC
-
Official patch from MSFT:
http://www.microsoft.com/downloads/details.aspx?familyid=0C1B4C96-57AE-499E-B89B-215B7BB4D8E9&displaylang=en
-
Wow...MS initially said they would hopefully have the patch ready by the 12th. Anybody know if the beta patch from the Russian guy needs to be uninstalled? I really don't want to go around to each of my machines and uninstall it manually if I don't have to.
-
I would uninstall it - do you want to take the chance that some conflict between it and whatever Microsoft puts out won't occur, particularly since MS got beat to the punch (good, bad, or indifferent) and might be less than motivated to avoid such issues?
Wow...MS initially said they would hopefully have the patch ready by the 12th. Anybody know if the beta patch from the Russian guy needs to be uninstalled? I really don't want to go around to each of my machines and uninstall it manually if I don't have to.
-
MS has released their patch via windows update.