BenBishop.me.uk

Depending on what planet you’ve been living on for the last week or so you may not have heard the latest security threat to all versions of Windows from 98 onwards. I know we’ve heard this sort of thing before but this one seems pretty serious……

The WMF vulnerability appears to take advantage of a security ‘hole’ in Windows Meta Files (WMF) that can open the door to your system to various different viruses, Trojans or spy ware and malware. With no official Microsoft patch due until the 10th January, there is a simple precaution that could reduce the likelihood of an infected system;

The exploit makes use of the dll involved with the viewing of graphics in windows using the ‘Windows Picture and Fax Viewer’. Unregistering the offending ‘shimgvw.dll’ file in Windows should prevent the exploit from being able to take place and is a fairly simple solution.  In the run box copy and paste the following;

regsvr32 -u %windir%\system32\shimgvw.dll

If successful the following image should appear.

The ‘side effect’ of this quick fix does now prevent you from previewing images with the built in image viewer and stops Windows from displaying thumbnails of images in folders like ‘My Pictures’. To re-register the dll if you’d prefer to run the risk or for when Microsoft releases the official patches simply type the following;

regsvr32 %windir%\system32\shimgvw.dll

Update: Thankfully it appears Microsoft have released the official update a little earlier than planned. According to the BBC, ‘Microsoft said it brought forward the release of the patch because of "strong customer sentiment that the release should be made available as soon as possible".’

The update is now available through the Windows Update site as usual.