> -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Robert Turnbull > Sent: Tuesday, January 03, 2006 2:12 PM > To: [email protected] > Subject: [H] Windows vulnerability? > > From ZDNet: <http://blogs.zdnet.com/Ou/index.php?p=143&tag=nl.e589> > > Microsoft's official workaround to unregister a certain DLL file using the command of "regsvr32 /u shimgvw.dll" at the Start-Run prompt > seems to also be very effective. Unfortunately, it kills the ability for Windows Explorer to display thumbnail images but I'm afraid > we'll have to live without it until an official patch from Microsoft comes out (hopefully next month's patch cycle). There are new > reports that there are certain cases where this fix doesn't work. MSPaint and Lotus Notes can still be exploited even with this DLL > unregistered. I think we haven't heard the end of this one yet and there may be many more applications vulnerable to this exploit but > the combination of hardware-enforced DEP and unregistering the shimgvw.dll file seems to be very effective for now. > > > Best to all. > > Robert Turnbull, Toronto, Canada > l, Toronto, Canada
Good point, however unregistering shimgvw.dll ALONE is currently viewed as insufficient. There is speculation that the exploit might perhaps have the ability to re-register the DLL leaving one vulnerable once again. Bill
