http://www.washingtonpost.com/wp-dyn...122901456.html

[
Windows Security Flaw Is 'Severe'
PCs Vulnerable to Spyware, Viruses

By Brian Krebs
Special to The Washington Post
Friday, December 30, 2005; Page D01

A previously unknown flaw in Microsoft Corp.'s Windows operating
system is leaving computer users vulnerable to spyware, viruses and
other programs that could overtake their machines and has sent the
company scrambling to come up with a fix.

Microsoft said in a statement yesterday that it is investigating the
vulnerability and plans to issue a software patch to fix the problem.
The company could not say how soon that patch would be available.

snip
]
--
Cliff

Hey thanks for the SolidWorks related topic. By the way, did you know
there was a thread for this information comp.windows?

Bubba, you ain't gonna beat Cliff at his own game. Do yourself and everyone
else a favor; give it a rest.

Cliff wrote:
http://www.washingtonpost.com/wp-dyn...122901456.html

[
Windows Security Flaw Is 'Severe'
PCs Vulnerable to Spyware, Viruses

By Brian Krebs
Special to The Washington Post
Friday, December 30, 2005; Page D01
snip
Cliff
----------------------------
Stee Gibson at GRC.com has a simple interium "fix" to give some
protection
unitl MS etc figure out a better solution.

Terry

-------------------------
http://www.grc.com/sn/notes-020.htm
--------------------------

A serious new remotely exploitable vulnerability has been discovered in
Microsoft Windows' image processing code.

UNTIL THIS IS REPAIRED BY MICROSOFT, ANY ATTEMPT
TO DISPLAY A MALICIOUS IMAGE IN WINDOWS COULD
INSTALL MALICIOUS SOFTWARE INTO THE COMPUTER.

This is a so-called "0-day vulnerability" because exploits for the
vulnerability appeared before any updates or patches were available.

All versions of Windows from Windows 98 through ME, NT, 2000, XP, and
2003 are
known to be vulnerable, and a large and rapidly growing number of
malicious exploits
(57 at last count) are already circulating in the wild. They are being
actively used to
install malware and Trojans into user's machines. Viruses and worms are
expected to appear shortly.

Although NOT a complete solution, Microsoft has recommended
temporarily disabling the automatic display of some images by the
operating system and web browser. This can be done, as detailed below,
by "unregistering" the "SHIMGVW.DLL" Windows DLL. THIS IS NOT A
COMPLETE SOLUTION, but it significantly lowers the risk from this
vulnerability from web surfing.

snip

To immediately disable the vulnerable Windows component:

Logon as a user with full administrative rights.

Click the Windows "Start" button and select "Run..."

Enter the following string into the "Open" field:

regsvr32 -u shimgvw.dll

(You can copy/paste from this page using Ctrl-C/Ctrl-V)

Click "OK" to unregister the vulnerable DLL.

If all goes well, you will receive a confirmation prompt, and your
system is now safe.
No need to reboot, but you might want to just to be sure that any
possible currently
loaded instance is flushed out.
------------------------------------------


To eventually re-enable the "SHIMGVW.DLL" component:

Logon as a user with full administrative rights.

Click the Windows "Start" button and select "Run..."

Enter the following string into the "Open" field:

regsvr32 shimgvw.dll

(You can copy/paste from this page using Ctrl-C/Ctrl-V)
Same as the one above, but no "-u" for "uninstall".

Click "OK" to re-register the (hopefully) non-vulnerable DLL.

Allow me the honor of giving you a brief lesson in Cliff's many mumpish
attributes. Instead of focusing on why Cliff's shock troops are just as
bad as Cliff is, if not worse, I would like to remind people that
Cliff's bald-faced lies and growing list of material falsehoods raise
some new and very disturbing issues. Don't make the mistake of thinking
otherwise. Cliff does, and that's why he finds reality too difficult to
swallow. Or maybe it just gets lost between the sports and
entertainment pages. In either case, Cliff says that all any child
needs is a big dose of television every day. That's a stupid thing to
say. It's like saying that trees cause more pollution than automobiles
do. We must complain about stinking power brokers. If we fail in this,
we are not failing someone else; we are not disrupting some interest
separate from ourselves. Rather, it is we who suffer when we neglect to
observe that Cliff insists that we should avoid personal
responsibility. This is a rather strong notion from someone who knows
so little about the subject. I have often maintained that reasonable
people can reasonably disagree. Unfortunately, when dealing with Cliff
and his subordinates, that claim assumes facts not in evidence. So let
me claim instead that I see how important Cliff's foul-mouthed,
loathsome smear tactics are to his apple-polishers and I laugh. I laugh
because his vassals are easily manipulated. That's pretty transparent.
What's not so transparent is the answer to the following question: What
does he hope to achieve by repeatedly applying his lips to the
posteriors of the most narrow-minded storytellers you'll ever see? A
clue might be that as soon as his provocateurs caricature and
stereotype people from other cultures, they will have destroyed the
basis for their own existence. End of story. Actually, I should add
that someone just showed me a memo supposedly written by Cliff. The
memo spells out his plans to reward mediocrity. If this memo is
authentic, it tells us that this is a free country, and I suspect we
ought to keep it that way. In order to convince us that he is a
perpetual victim of injustice, Cliff often turns to the old
propagandist trick of comparing results brought about by entirely
dissimilar causes. What he is incapable of seeing is that he may have
access to weapons of mass destruction. Then again, I consider Cliff to
be a weapon of mass destruction himself. Lastly, I can't end this
letter without mentioning that most of what Cliff says is pure
gibberish.

Are you the big fella that was in the Green Mile? What do them little horrie
things taste like when you upchuck them?

Aye... Thar ye go again with that lawyerly tongue... More skilled than
two bit wench with that wiley ting....


Arrrrr

Cliff wrote:
http://www.washingtonpost.com/wp-dyn...122901456.html

[
Windows Security Flaw Is 'Severe'
PCs Vulnerable to Spyware, Viruses

By Brian Krebs
Special to The Washington Post
Friday, December 30, 2005; Page D01

A previously unknown flaw in Microsoft Corp.'s Windows operating
system is leaving computer users vulnerable to spyware, viruses and
other programs that could overtake their machines and has sent the
company scrambling to come up with a fix.

Microsoft said in a statement yesterday that it is investigating the
vulnerability and plans to issue a software patch to fix the problem.
The company could not say how soon that patch would be available.
This is NEWS? They issue one of these press releases about 30 times
a year! It never ends, either. They are still reporting security
problems in Win 2K. Maybe these are new bugs they introduced in the
last patch attempt.

Jon

On 30 Dec 2005 16:27:49 -0800, wrote:

NNTP-Posting-Host: 71.139.194.191

On 30 Dec 2005 17:13:26 -0800, wrote:

NNTP-Posting-Host: 71.139.194.191


HTH
--
Cliff

A secret poll on comp.cad.solidworks has just voted 'cadis' as the most
verbose troll of the year 2005, in spite of his late arrival.

The extended, extensive, superimposed, elaborated & convoluted
explanations of topics beyond the imagination of all those preceeding
has been documented to be 99.9% true, resulting in the election to
position of Propaganda Czar.

Now if we can just find a worthy candidate to attack and befuddle into
submission, like say Mugabe, or Iran. Why not?

On 30 Dec 2005 16:27:49 -0800, wrote:

Allow me the honor of giving you a brief lesson in Cliff's many mumpish
attributes. Instead of focusing on why Cliff's shock troops are just as
bad as Cliff is, if not worse, I would like to remind people that
Cliff's bald-faced lies and growing list of material falsehoods raise
some new and very disturbing issues. Don't make the mistake of thinking
otherwise. Cliff does, and that's why he finds reality too difficult to
swallow. Or maybe it just gets lost between the sports and
entertainment pages. In either case, Cliff says that all any child
needs is a big dose of television every day. That's a stupid thing to
say. It's like saying that trees cause more pollution than automobiles
do. We must complain about stinking power brokers. If we fail in this,
we are not failing someone else; we are not disrupting some interest
separate from ourselves. Rather, it is we who suffer when we neglect to
observe that Cliff insists that we should avoid personal
responsibility. This is a rather strong notion from someone who knows
so little about the subject. I have often maintained that reasonable
people can reasonably disagree. Unfortunately, when dealing with Cliff
and his subordinates, that claim assumes facts not in evidence. So let
me claim instead that I see how important Cliff's foul-mouthed,
loathsome smear tactics are to his apple-polishers and I laugh. I laugh
because his vassals are easily manipulated. That's pretty transparent.
What's not so transparent is the answer to the following question: What
does he hope to achieve by repeatedly applying his lips to the
posteriors of the most narrow-minded storytellers you'll ever see? A
clue might be that as soon as his provocateurs caricature and
stereotype people from other cultures, they will have destroyed the
basis for their own existence. End of story. Actually, I should add
that someone just showed me a memo supposedly written by Cliff. The
memo spells out his plans to reward mediocrity. If this memo is
authentic, it tells us that this is a free country, and I suspect we
ought to keep it that way. In order to convince us that he is a
perpetual victim of injustice, Cliff often turns to the old
propagandist trick of comparing results brought about by entirely
dissimilar causes. What he is incapable of seeing is that he may have
access to weapons of mass destruction. Then again, I consider Cliff to
be a weapon of mass destruction himself. Lastly, I can't end this
letter without mentioning that most of what Cliff says is pure
gibberish.

LOL .....
--
Cliff

On 30 Dec 2005 14:24:27 -0800, wrote:


Cliff wrote:
http://www.washingtonpost.com/wp-dyn...122901456.html

[
Windows Security Flaw Is 'Severe'
PCs Vulnerable to Spyware, Viruses

By Brian Krebs
Special to The Washington Post
Friday, December 30, 2005; Page D01
snip
Cliff
----------------------------
Stee Gibson at GRC.com has a simple interium "fix" to give some
protection
unitl MS etc figure out a better solution.

I'm told that someone tried this (Win98 SE) and gets
"Here is the identical error message I got from Window Registry Editor
when trying to run both the 'unregister' well as re-register
commands:"

Error relates to RegSvr32 (if I read it correctly)
and says "LoadLibrary("shimgvw.dll") failed" plus
a bit of what looks like diagnostics.
--
Cliff