Public Service Announcement

There's a new computer virus threat described as "huge":

....the potential for damaging attacks increased dramatically at the weekend after a group of computer hackers published the source code they used to exploit it. Unlike most attacks, which require victims to download or execute a suspect file, the new vulnerability makes it possible for users to infect their computers with spyware or a virus simply by viewing a web page, e-mail or instant message that contains a contaminated image.

“We haven’t seen anything that bad yet, but multiple individuals and groups are exploiting this vulnerability,” Mr Hyppönen said. He said that every Windows system shipped since 1990 contained the flaw.

As Microsoft admits, the "Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution," although they haven't released a fix for it.

A most helpful programmer, Ilfak Guilfanov has written a patch which is available here and here, along with instructions on how to unregister the dangerous .dll file which is vulnerable to being exploited.

I don't normally bore readers with stuff like this, but I thought I should just let everyone know that I downloaded and installed the patch, and unregistered the DLL, and everything is fine.

I don't especially like the idea of being infected merely by viewing web pages, and the more I read about how the exploit worked, the more I saw the wisdom in protecting myself against it.

It's peace of mind which costs nothing.

UPDATE: Because of traffic overload, Russian programmer Ilsak Guilfanov's site is down (readers may have noticed the above links do not work), but the patch can be downloaded here, or at Guilfanov's temporary new streamlined site.

posted by Eric on 01.02.06 at 11:34 PM



John Anderson   ·  January 4, 2006 2:56 AM

April 2011
Sun Mon Tue Wed Thu Fri Sat
          1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30


Search the Site


Classics To Go

Classical Values PDA Link


Recent Entries


Site Credits