WMF exploit
Microsoft has still have to produce a patch for this exploit, but here you can find some information and a provisional patch.
Things can get ugly here in Ireland where a lot of businesses are back from holidays starting tomorrow morning. Hope an official update will be made available quickly.
Source: ISC
- What can I do to protect myself?
- Microsoft has not yet released a patch. An unofficial patch was made available by Ilfak Guilfanov. Our own Tom Liston reviewed the patch and we tested it. The reviewed and tested version is available here (now at v1.3, MD5: 14d8c937d97572deb9cb07297a87e62a), PGP signature (signed with ISC key) here. THANKS to Ilfak Guilfanov for providing the patch!!
- You can unregister the related DLL.
- Virus checkers provide some protection.
To unregister the DLL:
- Click Start, click Run, type "regsvr32 -u %windir%\system32\shimgvw.dll" (without the quotation marks), and then click OK.
- A dialog box appears to confirm that the un-registration process has succeeded. Click OK to close the dialog box.
Our current "best practice" recommendation is to both unregister the DLL and to use the unofficial patch.