Havin_it Posted January 3, 2006 Share Posted January 3, 2006 I looked back at Steve Gibson's site and he now has this to say about Win9x: Windows 98/SE/ME users: Microsoft's original advice to "unregister the shimgvw.dll" (shell image viewer) was never correct or useful on those platforms. The good news is that all current WMF exploits appear to be non-functional on the older Win9x vintage platforms . . . so you will likely be okay until Microsoft has updated your system with the next security patches. There is no short-term workaround for Windows 9x users. That would explain why the WMF-checker gives my GF's WinME machine the all-clear (I haven't used the path on it, obviously). Other findings: - WMF files render automatically in IE, both embedded (in IMG tag) and via hyperlinks. - WMF renamed as JPG do not render (red X in both the above scenarios). - Thumbnail display isn't affected by unregistering the DLL (nor are the IE scenarios). Too bad Steve doesn't go further about the apparent non-functioning of the current exploits. Could it be that their payloads (rather than the exploit itself) simply aren't coded for Win9x...? If so, it's only a matter of time. Link to comment Share on other sites More sharing options...
Shibby Posted January 3, 2006 Share Posted January 3, 2006 So the only way for me is unregister the dll or apply the unoffical hotfix. Sorry i havn't kept up this Link to comment Share on other sites More sharing options...
The_Decryptor Veteran Posted January 3, 2006 Veteran Share Posted January 3, 2006 Too bad Steve doesn't go further about the apparent non-functioning of the current exploits. Could it be that their payloads (rather than the exploit itself) simply aren't coded for Win9x...? If so, it's only a matter of time. yeah, they just wouldn't be coded for Win 9x, this "Feature" (was actually added by ms when they were designing WMF) exists as far back as Windows 3.0 apparently. Link to comment Share on other sites More sharing options...
Chosen One Posted January 3, 2006 Share Posted January 3, 2006 hey is there away so that there isnt a blue background on my icons ?I want it back to what it was before when I could see thru their names Link to comment Share on other sites More sharing options...
exotoxic Posted January 3, 2006 Share Posted January 3, 2006 i havnt seen anyone mention this (i didnt read all the threads about this) assoc .wmf=txtfile anyone know if this would protect against it?? as it would be opening the file in notepad instead of image viewer EIDT: lol i looked 2 pages back and it was discussed... ah well :( Link to comment Share on other sites More sharing options...
exotoxic Posted January 3, 2006 Share Posted January 3, 2006 hey is there away so that there isnt a blue background on my icons ?I want it back to what it was before when I could see thru their names system properties --> advanced --> performance --> check the use drop shadows for icon labels on the desktop :) Link to comment Share on other sites More sharing options...
tkyoshi Posted January 3, 2006 Share Posted January 3, 2006 system properties --> advanced --> performance --> check the use drop shadows for icon labels on the desktop :) Actually most of the time i don't this this will work after you get infected. Try This: http://www.greyknight17.com/spy/RepairDesktop.reg it worked on the couple systems i repaired. Link to comment Share on other sites More sharing options...
Chosen One Posted January 4, 2006 Share Posted January 4, 2006 I havent been infected and I got the patch installed but ya that option is checked and the blue back drops are still there Link to comment Share on other sites More sharing options...
Michael_C Posted January 4, 2006 Share Posted January 4, 2006 hey is there away so that there isnt a blue background on my icons ?I want it back to what it was before when I could see thru their names Turn off active desktop. Link to comment Share on other sites More sharing options...
Chosen One Posted January 4, 2006 Share Posted January 4, 2006 Turn off active desktop. ROFL, thanks that was the problem Link to comment Share on other sites More sharing options...
Recommended Posts