And Just One More Thing

Mainly computer and world related comments and postings.

Thursday, January 05, 2006

The tense period has passed. Thankfully. And no one was hurt.

Unless you consider over a million infected PC's means no one was hurt.

I don't know how I feel about it. On the one hand, one million PC's is nothing if you're Microsoft, but on the other hand, if you're grandma and one of those computers happens to be yours, it hurts quite a bit. Especially if grandma has to take her computer to the local 'pc discount store' and pay them $100.00 to clean it up. I don't know about you, but it's not something that makes me all warm and fuzzy.

So, if you haven't heard, Microsoft have released their patch for the .wmf vulnerability today. You can get it by visiting the windows update site at:
Their Web Based Update Site

Here are instructions for any of you that applied the third party patch and un-registered your .dll file.

1. Reboot your system to clear any vulnerable files from memory
2. Download and apply the new patch from the above mentioned site.
3. Reboot
4. Uninstall the unofficial patch, by using one of these methods:
a. Add/Remove Programs on single systems. Look for "Windows WMF Metafile Vulnerability HotFix"
b. or at a command prompt:
"C:\\Program Files\\WindowsMetafileFix\\unins000.exe" /SILENT
c. or, if you used msi to install the patch on multiple machines you can uninstall it with this:
msiexec.exe /X{E1CDC5B0-7AFB-11DA-8CD6-0800200C9A66} /qn
5. Re-register the .dll if you previously unregistered it (use the same command but without the "-u"):
regsvr32 %windir%\\system32\\shimgvw.dll
6. Optionally, reboot one more time just for good measure (not required, but doesn't hurt)

We tested the patch, and it does block the attack just like the unofficial patch does.

I've very happy that the patch has finally been released and that we can go back to normal. Having said that, it still doesn't help the millions and millions of users out there that don't have automatic updates turned on and that don't even know there is a vulnerability out there in the first place. However, at least we've done our part to help educate users about the dangers and if it helped minimize any virus infections, it was worth it. Again, pass on the word or links to this website to help do your part.

The only last remaining bit of uncomfortable feeling I have now is the fact that this patch was only released for Win2K, Win2003, and WinXP. What about the millions of Win98 and WinME boxes out there? A lot of people keep running Windows 98 because it's a great platform to run games on. Since these computers won't be getting updates, there is still the potential of a pretty nasty virus and/or worm to take advantage of the vulnerability. I guess we'll just have to wait and see. And that's exactly what Microsoft is doing.



Post a Comment

<< Home