Agent 86 wrote:

Scott Dorsey wrote:

Pooh Bear wrote:

Your response is typical " oh it won't happen to me ".

It won't happen to me, because I won't put a Microsoft operating system
on the network.

Hell, I won't put any M$ software of any kind in any computer I own. My
employer's win2K laptop does get connected to my home network, but it's
their problem. And it beats driving 95 miles into the office every f^%#$&
day. I don't think there's much risk in that one winbows box infecting any
of my Debian boxes or my hardware router or print server. If it does, they
don't want to see my next expense report,

Most ppl don't have the luxury of avoiding Windows. They need to use everyday
applications that other ppl use.

Graham

Fred wrote:

I was forwarded an alert on this from a friend at Lawrence Berkeley Labs today. See

http://www.lbl.gov/cyber/vulnerabilities/wmf_vuln.html

They are recommending the following "unofficial" patch, which has been tested and approved by a number of security organizations
including CERT, be downloaded and installed on all their windows computers until Microsoft comes out with something (expected next
Tuesday Jan 10):

http://www.lbl.gov/cyber/vulnerabili..._hexblog14.exe

Not sure if this is the same patch described in the link below, but LBL wants their people to install this patch *instead of*
unregistering shimgvw.dll, which they believe to be ineffective.

This certainly appears to be the 'received wisdom' from most trusted sources.

Graham

Fred wrote:
I was forwarded an alert on this from a friend at Lawrence Berkeley Labs today. See

http://www.lbl.gov/cyber/vulnerabilities/wmf_vuln.html

They are recommending the following "unofficial" patch, which has been tested and approved by a number of security organizations
including CERT, be downloaded and installed on all their windows computers until Microsoft comes out with something (expected next
Tuesday Jan 10):

http://www.lbl.gov/cyber/vulnerabili..._hexblog14.exe

Not sure if this is the same patch described in the link below....


Yes, it is the same patch.


"Jim Gilliland" wrote in message ...


Unregistering the DLL is certainly a smart move, though. You can also try using a temporary - and very unofficial, since it
didn't come from Microsoft - patch that was referenced earlier in this thread. The patch simply adds a new DLL that intercepts
the obsolete call and renders it harmless. The patch is described he

http://isc.sans.org/diary.php?rss&storyid=994

The good thing about this patch is that it actually traps the specific function within GDI32. So even if some malicious coder
discovers another path to reach it, this patch should protect you.

Jim Gilliland wrote:

Yes, it is the same patch.

Please trim the excess post you're not replying to.

Graham

Pooh Bear wrote:

Please trim the excess post you're not replying to.

I did. I left exactly what I intended to leave to provide context for
the reply. Go back and take a look at the post to which I replied and
see for yourself.

... *instead of*
unregistering shimgvw.dll, which they believe to be ineffective.

BTW, I unregistered this dll and renamed it. XP replaced it but left
it unregistered. The side effect that I found was I was NO longer
able to view thumbnail images in Windows Explorer which is something I
use a lot.

....Moose

Not sure if this is the same patch described in the link below, but LBL wants their people to install this patch *instead of*
unregistering shimgvw.dll, which they believe to be ineffective.

Oh, that is the same patch described before...

Moose

wrote:

BTW, I unregistered this dll and renamed it. XP replaced it but left
it unregistered. The side effect that I found was I was NO longer
able to view thumbnail images in Windows Explorer which is something I
use a lot.

This is just what the Microsoft note said would happen. I suppose you
use those thumbnails to find pictures of your wife, baby, guitars, and
studio, and not nekkid ladies that you downloaded from porn web sites.
g

http://www.microsoft.com/technet/sec.../MS06-001.mspx

"Richard Crowley" wrote in message
...
http://www.microsoft.com/technet/sec.../MS06-001.mspx
www.microsoft.com homepage has a link to the update.

geoff

Richard Crowley wrote:
http://www.microsoft.com/technet/sec.../MS06-001.mspx



What utter assholes. From the FAQ:

"Are Windows 98, Windows 98 Second Edition, or Windows Millennium
Edition critically affected by one or more of the vulnerabilities that
are addressed in this security bulletin?

No. Although Windows 98, Windows 98 Second Edition, and Windows
Millennium Edition do contain the affected component, the vulnerability
is not critical because an exploitable attack vector has not been
identified that would yield a Critical severity rating for these
versions. For more information about severity ratings, visit the
following Web site."

98's not vulnerable because it hasn't been attacked to their knowledge,
although it can be successfully if anyone tries. Only those *******s
could find that to be logical.


Bob
--

"Things should be described as simply as possible, but no simpler."

A. Einstein

Bob Cain wrote:

Richard Crowley wrote:
http://www.microsoft.com/technet/sec.../MS06-001.mspx



What utter assholes. From the FAQ:

"Are Windows 98, Windows 98 Second Edition, or Windows Millennium
Edition critically affected by one or more of the vulnerabilities that
are addressed in this security bulletin?

No. Although Windows 98, Windows 98 Second Edition, and Windows
Millennium Edition do contain the affected component, the vulnerability
is not critical because an exploitable attack vector has not been
identified that would yield a Critical severity rating for these
versions. For more information about severity ratings, visit the
following Web site."

98's not vulnerable because it hasn't been attacked to their knowledge,
although it can be successfully if anyone tries. Only those *******s
could find that to be logical.

Quite.

Bound to be the virus writers' next target !

Graham

Bob Cain arcane arcanemethods.com wrote:

Richard Crowley wrote:
"Pooh Bear" wrote ...
Mac Afee *may* have patched their AV.

http://us.mcafee.com/virusInfo/defau...virus_k=137760


Richard, this reports on only a single exploit of the flaw.
Exploits will be appearing as fast as the spoilers can make them.

Symantec and McAfee both rate it as a small threat.


The flaw is _not_ a virus, it is a difficult flaw

Were you predicting doom by helplessness?


within the system and MS has not published a fix...
only an OS patch can plug this and that has not been forthcoming.

It was published yesterday on January 5. See Windows Update.


You are not doing anyone a favor by ignorantly minimizing the
arbitrary damage that can be done by exploiting this flaw.

Neither is pretending that the sky is falling.


Anyone, if you have the ability to back your system up to a
removable drive, do so and remove it while there is still a time
window during which you can.

Actually, any computer user who has important files should always
have a backup on removable media. Hard drive failure can happen at
any time and usually means all is lost.






Bob
--

"Things should be described as simply as possible, but no simpler."

A. Einstein


Path: newsdbm04.news.prodigy.com!newsdst01.news.prodigy. com!newsmst01b.news.prodigy.com!prodigy.com!newsco n06.news.prodigy.com!prodigy.net!newshub.sdsu.edu! pln-e!spln!rex!extra.newsguy.com!newsp.newsguy.com!ene ws2
From: Bob Cain arcane arcanemethods.com
Newsgroups: rec.audio.pro
Subject: WMF Windows security flaw - change your browser
Date: Mon, 02 Jan 2006 22:40:50 -0800
Organization: Arcane Methods - http://www.arcanemethods.com
Lines: 32
Message-ID: dpd69e01sf2 enews2.newsguy.com
References: 43B9129D.32425D5D hotmail.com 11ri756evlq2h8a corp.supernews.com 43B91FA0.DED55E30 hotmail.com 11riaa4jpj5mjd2 corp.supernews.com 43B92BA6.3E105A2F hotmail.com 11ril5l3f1hjsd2 corp.supernews.com 43B9567A.4D8E0C8A hotmail.com 11rilumo1m04n30 corp.supernews.com
Reply-To: arcane arcanemethods.com
NNTP-Posting-Host: p-688.newsdawg.com
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
User-Agent: Thunderbird 1.5 (Windows/20051201)
In-Reply-To: 11rilumo1m04n30 corp.supernews.com
Xref: newsmst01b.news.prodigy.com rec.audio.pro:1223397

Mike Rivers wrote:

This is just what the Microsoft note said would happen. I suppose you
use those thumbnails to find pictures of your wife, baby, guitars, and
studio, and not nekkid ladies that you downloaded from porn web sites.
g


What?!? Do they have that stuff on teh internets??

John Doe wrote:

Bob Cain arcane arcanemethods.com wrote:

Richard Crowley wrote:
"Pooh Bear" wrote ...
Mac Afee *may* have patched their AV.

http://us.mcafee.com/virusInfo/defau...virus_k=137760


Richard, this reports on only a single exploit of the flaw.
Exploits will be appearing as fast as the spoilers can make them.

Symantec and McAfee both rate it as a small threat.

Because they're licking ass maybe ?

Anyone with a clue knows the potential of this exploit is huge.

Graham

Pooh Bear wrote:


Most ppl don't have the luxury of avoiding Windows. They need to use everyday
applications that other ppl use.

Graham

Well, unless they use a Mac.

" wrote:

Pooh Bear wrote:

Most ppl don't have the luxury of avoiding Windows. They need to use everyday
applications that other ppl use.

Graham

Well, unless they use a Mac.

Which part of " everyday applications that other ppl use " wasn't clear ?
:-p

Graham

Pooh Bear wrote:


Which part of " everyday applications that other ppl use " wasn't clear ?
:-p

Graham



Well, not to sound like an evangelist, but I guess it depends on what
"everyday applications other people use." Word, Excel, ppt, web
browsers, Quicken, Quickbooks, my DAW software, etc all work on my osx
box.

Bob Cain wrote:

What utter assholes. From the FAQ:

"Are Windows 98, Windows 98 Second Edition, or Windows Millennium
Edition critically affected by one or more of the vulnerabilities that
are addressed in this security bulletin?

No. Although Windows 98, Windows 98 Second Edition, and Windows
Millennium Edition do contain the affected component, the vulnerability
is not critical because an exploitable attack vector has not been
identified that would yield a Critical severity rating for these
versions. For more information about severity ratings, visit the
following Web site."

98's not vulnerable because it hasn't been attacked to their knowledge,
although it can be successfully if anyone tries. Only those *******s
could find that to be logical.

Just another way to force users of older versions to upgrade. Puts
another few dollars into Bill's pocket.

LOL

I didn't read their full note, sorry.

I just upgraded to their new patch via automatic upgrades after
removing the temporary one.

Regards...

Moose

On 5 Jan 2006 09:29:33 -0800, "Mike Rivers"
wrote:


wrote:

BTW, I unregistered this dll and renamed it. XP replaced it but left
it unregistered. The side effect that I found was I was NO longer
able to view thumbnail images in Windows Explorer which is something I
use a lot.

This is just what the Microsoft note said would happen. I suppose you
use those thumbnails to find pictures of your wife, baby, guitars, and
studio, and not nekkid ladies that you downloaded from porn web sites.
g

How good is Virtual PC? Does it support Visual Basic?

Moose

On Fri, 06 Jan 2006 07:49:28 GMT, "
wrote:

Pooh Bear wrote:


Most ppl don't have the luxury of avoiding Windows. They need to use everyday
applications that other ppl use.

Graham

Well, unless they use a Mac.

On Fri, 06 Jan 2006 06:33:49 -0500, Jim Gilliland
wrote:

Bob Cain wrote:

What utter assholes. From the FAQ:

"Are Windows 98, Windows 98 Second Edition, or Windows Millennium
Edition critically affected by one or more of the vulnerabilities that
are addressed in this security bulletin?

No. Although Windows 98, Windows 98 Second Edition, and Windows
Millennium Edition do contain the affected component, the vulnerability
is not critical because an exploitable attack vector has not been
identified that would yield a Critical severity rating for these
versions. For more information about severity ratings, visit the
following Web site."

98's not vulnerable because it hasn't been attacked to their knowledge,
although it can be successfully if anyone tries. Only those *******s
could find that to be logical.

Just another way to force users of older versions to upgrade. Puts
another few dollars into Bill's pocket.

Most people who use older computers are not satisfied with using older
software.The problem is when they upgrade to windows xp, upgrade their
browser,anti virus,spyware protection, firewalls,etc.They have 4
messengers, 3 media players,printer software and 20 other tray icons
running in systray.Then they wonder why thier computer with 128 megs
of ram is running so slow.This bogs down tech support with problems
that are not really resovleable.Eventually they need to get a new
computer.The price of upgrading is not worth it when you can get new
computers from an ISP , manufacturer or pawn shop for $299.00 or less.
We have people call on occasion who use win 3.1,windows 95 and they
are shocked we no longer support them.It is time to retire winodws 98
also.

Randall

" wrote in message
t...
Pooh Bear wrote:


Which part of " everyday applications that other ppl use " wasn't clear ?
:-p

Graham



Well, not to sound like an evangelist, but I guess it depends on what
"everyday applications other people use." Word, Excel, ppt, web browsers,
Quicken, Quickbooks, my DAW software, etc all work on my osx box.

It is probably not so important these days, but not too many years ago we
constantly dealt with difficulties of getting various video and audio files
generated on Macs to easily install and run clients' PCs. Our Mac oriented
graphics and video people really couldn't talk to PC-based clients to help
solve problems and incompatibilities. Even CDs burned on Macs sometimes
could not be read by customer PCs. We had one salary to pay for no other
reason than to resolve these issues.

Steve King

"Abyssmal" wrote in message
..

Most people who use older computers are not satisfied with using older
software.The problem is when they upgrade to windows xp, upgrade their
browser,anti virus,spyware protection, firewalls,etc.They have 4
messengers, 3 media players,printer software and 20 other tray icons
running in systray.Then they wonder why thier computer with 128 megs
of ram is running so slow.This bogs down tech support with problems
that are not really resovleable.Eventually they need to get a new
computer.The price of upgrading is not worth it when you can get new
computers from an ISP , manufacturer or pawn shop for $299.00 or less.
We have people call on occasion who use win 3.1,windows 95 and they
are shocked we no longer support them.It is time to retire winodws 98
also.

So the point of faster more powerful processors is to run Win3.1 and
Word2.0 faster ? Or to (optionally) have more sophisticated functionality
?

geoff

Troll

Pooh Bear rabbitsfriendsandrelations hotmail.com wrote:

Path: newssvr11.news.prodigy.com!newsdbm04.news.prodigy. com!newsdst01.news.prodigy.com!newsmst01b.news.pro digy.com!prodigy.com!newscon02.news.prodigy.com!pr odigy.net!newsfeed.cwix.com!newsfeed.gamma.ru!Gamm a.RU!newsfeed.icl.net!newsfeed.fjserv.net!colt.net !newsfeed.esat.net!nntpfeed.zonnet.nl!newsfeeder.w xs.nl!nntp-peering.plus.net!ptn-nntp-feeder01.plus.net!ptn-nntp-spool03.plus.net!ptn-nntp-reader04.plus.net!not-for-mail
Message-ID: 43BE20EA.DF651710 hotmail.com
Date: Fri, 06 Jan 2006 07:48:58 +0000
From: Pooh Bear rabbitsfriendsandrelations hotmail.com
Organization: The House at Pooh Corner
X-Mailer: Mozilla 4.8 [en] (Win98; U)
X-Accept-Language: en
MIME-Version: 1.0
Newsgroups: rec.audio.pro
Subject: WMF Windows security flaw - change your browser
References: 43B9129D.32425D5D hotmail.com 11ri756evlq2h8a corp.supernews.com 43B91FA0.DED55E30 hotmail.com 11riaa4jpj5mjd2 corp.supernews.com 43B92BA6.3E105A2F hotmail.com 11ril5l3f1hjsd2 corp.supernews.com 43B9567A.4D8E0C8A hotmail.com 11rilumo1m04n30 corp.supernews.com dpd69e01sf2 enews2.newsguy.com Xns9743B681D2A7follydom 207.115.17.102
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Lines: 24
NNTP-Posting-Host: 2aef69ae.ptn-nntp-reader04.plus.net
X-Trace: DXC=YcDl2CNQDHdJoE;_aIe7figd3Y`7Rb;n3_LeXC3B]SiCeV5FLAFVTcDKIeCHXG1YfmG7i5Q89SG`7X2fFoWFha
X-Complaints-To: abuse plus.net
Xref: newsmst01b.news.prodigy.com rec.audio.pro:1224796



John Doe wrote:

Bob Cain arcane arcanemethods.com wrote:

Richard Crowley wrote:
"Pooh Bear" wrote ...
Mac Afee *may* have patched their AV.

http://us.mcafee.com/virusInfo/defau...virus_k=137760


Richard, this reports on only a single exploit of the flaw.
Exploits will be appearing as fast as the spoilers can make them.

Symantec and McAfee both rate it as a small threat.

Because they're licking ass maybe ?

Anyone with a clue knows the potential of this exploit is huge.

Graham

No. Although Windows 98, Windows 98 Second Edition, and Windows
Millennium Edition do contain the affected component, the vulnerability
is not critical because an exploitable attack vector has not been
identified that would yield a Critical severity rating for these
versions. For more information about severity ratings, visit the
following Web site."

98's not vulnerable because it hasn't been attacked to their knowledge,
although it can be successfully if anyone tries. Only those *******s
could find that to be logical.


You're not reading it correctly.

Microsoft didn't say the stated operating systems weren't vulnerable. They
said they weren't crtically vulnerable.