When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Microsoft Confirms WMF Vulnerability, Plans for Patch

Microsoft has issued a Security
Advisory (912840) concerning the recent WMF vulnerability exploit. Microsoft
also confirmed the REGSVR32 workaround as a viable solution to protect your PC
until they have had time to fully research the vulnerability and issue a patch. The following is a quote from the Microsoft Security Advisory.

Un-register the Windows Picture and Fax Viewer (Shimgvw.dll)

1. Click Start, click Run, type "

regsvr32 -u %windir%/system32/shimgvw.dll" (without the quotation marks), and then click OK.

2. A dialog box appears to confirm that the un-registration process has succeeded. Click OK to close the dialog box.

Impact of Workaround: The Windows Picture and Fax Viewer will no longer be started when users click on a link to an image type that is associated with the Windows Picture and Fax Viewer. To undo this change, re-register Shimgvw.dll by following the above steps. Replace the text in Step 1 with "regsvr32 %windir%/system32/shimgvw.dll" (without the quotation marks).

Antivirus and Security Experts at F-Secure advise that this method is more secure than simply filtering WMF content, as many types of image files (.GIF, .BMP, .JPG, .TIF, etc...) could be used in this exploit. F-Secure warns that to date they have only experienced spyware and fake antispyware / antivirus installations with this exploit but that more serious infections may be coming soon.

View: F-Secure WMF Vulnerability Update

News source: Microsoft Security Advisory 912840

Report a problem with article
Next Article

World of Warcraft rumor - New Alliance race confirmed?

Previous Article

What can we expect from Microsoft in 2006

Join the conversation!

Login or Sign Up to read and post a comment.

-1 Comments - Add comment