posible kilombo jodido

[Jorixine]

che, mi primo desde eeuu me mando esto y creo que deberia saberlo la ppl, es un msg del sysadmin de donde labura.

Mensaje de mi sysadmin:

> From: Steve Grandi <[email protected]>
> Date: 02 January 2006 14:13:50 MST
> To: [email protected]
> Subject: WMF Windows exploit
>
> Folks: We all know that the Internet can be a dangerous place.
> Especially for PCs running Windows....
>
> You have may have heard about the latest problem: called the WMF
> vulnerability after the type of image file (.wmf) that is the main
> vector for infection. Infected computers are likely to become
> components in "Zombie Nets" used by Organized Crime for blackmail
> and Spam/virus propagation. Some commentators are predicting that
> the WMF vulnerability will become a major disaster over the next
> few days...
>
> Please see http://isc.sans.org/diary.php?storyid=994 and http://
> http://www.infoworld.com/article/05/...ackers_1.html?
> 9809798 for details.
>
> So what do we do about it? First: Microsoft has NOT released a
> patch for the vunerability (presumably they will, eventually). So
> our usual mechanisms for protecting Windows systems are ineffective
> against this threat. (Hey. Microsoft: I'm working on a holiday,
> why aren't you?!?!).
>
> Second: If you are comfortable with tinkering with your computer,
> please do the following two exercises:
>
> Unregister the WMF DLL:
>
> * Click Start, click Run,
> type "regsvr32 -u %windir%\system32\shimgvw.dll" (without the
> quotation marks),
> and then click OK.
> * A dialog box appears to confirm that the un-registration
> process has succeeded. Click OK to close the dialog box.
>
> Install an unofficial (but vouched for by SANS) patch:
>
> http://handlers.sans.org/tliston/wmffix_hexblog13.exe
>
> (Be sure to use "Add or Remove Programs" in the Control Panel to
> remove this patch once the Official Microsoft Patch arrives).
>
> Third: If you are not comfortable with tinkering,
>
> DO NOT surf the web beyond the NOAO Intranet until this issue
> settles out.
>
> DO NOT use any Instant Messenger (IM) program until this issue
> settles out.
>
> Avoid (DO NOT open) any image files that may arrive via email.
>
>
> "And, hey - let's be careful out there."
> --
> Steve Grandi
> National Optical Astronomy Observatory/AURA Inc., Tucson AZ USA

chekeen que onda pero diria de darle bola

[Tenshi]

la gente de cyruxnet subi&#243; la versi&#243;n 1.4 del parche:

http://www.cyruxnet.org/download/wmffix_hexblog14.zip

cabe aclarar que firefox 1.5 no es vulnerable

[Yandros]

aguante FF carajo!! pero mi hermana me usa la pc y utiliza IE, que onda ese parche Tenshi? ejecuto y listo?

[Tenshi]

sip, al parecer el parche funca en win 2k, xp sp1 y sp2, xp64 y 2k3; y no en win 9x nt me

el parche al parecer trabaja directamente sobre la librería que tiene la vulnerabilidad, así que no deberías correr riesgo con ningún programa que visualice un wmf... pero no leí mucho sobre el tema y no instalé éste parche así que no te puedo decir bien :(

acá tenés un FAQ:
http://www.hexblog.com/security/wmffix_faq.html

[Yandros]

Microsoft acaba de hacer p&#250;blico que publicar&#225; una actualizaci&#243;n de seguridad que corrige el problema el Martes, 10 de Enero del 2006. La actualizaci&#243;n estar&#225; disponible en Windows Update, el Centro de Descargas y Microsoft Update.

Los usuarios que hayan usado el parche no oficial de Ilfak, deber&#225;n desinstalarlo e instalar la actualizaci&#243;n de Microsoft.

no lo instale despues de leer eso, mejor esperar.

[MattSoulblade]

Parece q todo indica q voy a tener q empezar a usar ff, si estos papazos de microsoft no hacen nada...
PD: YA me estoy bajando el firefox, fuck.