The last thing I would do is put an unofficial patch on my system.................

Tuesday, January 3, 2006

http://news.com.com/Firms+urged+to+use+unofficial+Windows+patch/2100-1002_3-6016649.html?tag=nefd.top

Experts are advising corporations to use an unofficial patch to combat the latest Microsoft Windows Meta File exploit.

Antivirus vendor F-Secure and the Internet Storm Center, a volunteer security group, separately urged businesses on Tuesday to use the unofficial patch, as Microsoft has not yet offered an authorized fix for the problem.

Not on my computer.

7 Comments

So, no plans to turn it on until next tuesday then ?

Simon Fell - Tuesday, January 3, 2006 9:15:00 PM

Agree with you there, but I did de-register the DLL aflicted, just in case. I've got other software for viewing graphics, so not having the viewer available isn't that big a woe.

regsvr32 -u %windir%\system32\shimgvw.dll

YMMV - Kent

Kent Sharkey - Tuesday, January 3, 2006 9:20:00 PM

Aapo:

My rationale for not installing the patch isn't that I'm a "ms advocate", but that I'm expecting the official patch to have a bad reaction to the unofficial patch, blowing something up. However, if it's as easy to uninstall as you describe, I may pop it on while I'm waiting...

Kent Sharkey - Tuesday, January 3, 2006 9:48:00 PM

***I'm expecting the official patch to have a bad reaction to the unofficial patch, blowing something up***

As I said, the unofficial patch doesn't modify any files. It's just one dll that get's loaded at boot (using appinit registry value). It works by pathing programs in memory. The thing what you are expecting is FUD from MS security division. If they really know what the patch does (and I think that they know), they should stop whining and crying because someone did really nice job for Windows users all around the world by providing the patch to this very severe exploit.

I know that MS has policy not to recommend unofficial patches and that is usually just fine. In this case they should have delivered the official patch quickly and if they really cannot do that, I see no problems in recommending the unofficial patch that has been already installed on thousands or millions computers worldwide without significant problems.

Aapo Laakkonen - Wednesday, January 4, 2006 3:39:00 AM

It's of course your computer, but this patch is made by a very well known programmer, and comes with sourcecode. You could of course NOT patch your system, but then you're vulnerable. If you think you're not vulnerable or you pay attention to the sites you're visiting... think again. If you are using HTML email, you are already doomed: one email with a .jpg which is actually a .wmf file and you're 0wned.

BUt of course, it's your computer :)

Frans Bouma - Wednesday, January 4, 2006 4:44:00 AM

An unofficial patch is still better than a virus or a trojan!

Nish - Wednesday, January 4, 2006 12:07:00 PM

OK, let me rephrase my original reservation (I've since looked at the patch, and applied it).

"I fully expect the MSFT patch to muck things up and break whatever this patch fixes."

Despite my past employment history, I have little respect or apologies for many parts of that company.

Kent Sharkey - Wednesday, January 4, 2006 12:14:00 PM

Comments have been disabled for this content.