
The Red Lion Tavern
Moderated by Terikel Grayhair, Scipii

Topic Subject: Important: Forum Images Temporarily Turned Off
posted 29 December 2005 10:05 EDT (US)   
If you want the short version of what is going on, take a look at the news announcement on our main page.

Quoted from Zen:

Recently an exploit was found out in the wild by a researcher on the Bugtraq mailing list. It involves specially crafted WMF (Windows Meta Files), which when parsed by Windows ME/2000/XP/2003, causes Windows to execute program code. When it was found by the researcher on the internet, it was presented on a webpage that included a WMF image file in the HTML source code. The file in turn successfully installed a trojan onto a fully-patched Windows XP SP2 system.

It is recommended users take the following actions as a preventive measure until further information and patch is available from Microsoft:

  • Switch to a browser such as Opera, Mozilla, Netscape, Safari, or Firefox. THESE BROWSERS ARE NOT 100% IMMUNE: When they encounter a WMF file, they’ll ask if you would like to open it. If you are unsure of the origin of the file, do not open it. Also make sure your browser isn’t configured to automatically open WMF files.
  • If you are an expert that knows exactly what you’re doing and you know Internet Explorer’s security settings inside out, then make sure Internet Explorer is hardened to prevent this from happening. If you’re not, use an alternate browser as your primary means of getting around the web.
  • Do not click on WMF files found on your system. Windows Explorer is designed to parse files when you click on it to provide information about the file on the hover tooltip. This parsing routine will cause the program code in the WMF file to execute.
  • Do not use Thumbnail view in Explorer, for the same reason as above: Windows needs to parse the file in order to generate a thumbnail; the process will trigger the code in WMF.
  • Because Windows XP also parses file headers to discover file type information, the harmful WMF file could be renamed to any image format (.GIF, .JPG, .PNG, etc.). Windows will still see the file as a WMF file from the header, and parse it as a WMF file, thus triggering the code. Therefore, do not trust images from strangers – don’t open them, don’t click on them, etc.

Please note that, as of this writing (12/28/2005), only F-prot is known to pick up on the fact that the WMF file is bad; and that it is known that Norton AntiVirus does NOT detect this.

  • If you DO have Anti-Virus software installed on your system, make sure it’s up to date, and that your subscription to virus definitions is current.
  • If your system supports DEP (Data Execution Prevention), please enable its support in Windows XP (Control Panel->System; click on Advanced tab, click on the “Settings” button under the Performance tab, click on the “Data Execution Prevention” tab, and turn it on. You can see if DEP is supported through hardware by reading the text at the bottom of the dialog box.)
  • Disable the Windows Fax & Image viewer extension. Go to start->run, and type in regsvr32 /u shimgvw.dll, and click OK. You’ll see a window pop up – click OK on that window and the extension will be disabled.

On the HG side, we will convert all user-posted images on the forums to links until a patch is released by Microsoft. Since there will always be people who can’t / won’t update their machines for various reasons (laziness, warezed windows install, they’re on dialup, etc.), this temporary measure only helps to stop the initial wave of exploiters and give users a chance to be exposed to news of the problem and a chance to patch their system.

Up-to-date information can be found at the following web pages:


Ex-Seraph Cheesewiz - Former WICH Webmaster, AOE3H Webmaster, & RTWH Staff, HeavenGames LLC
World_in_Conflict_Heaven || Age_of_Empires_III_Heaven || Support_HeavenGames || The_Playpen || Do_The_Right_Thing
Replies:
posted 29 December 2005 10:09 EDT (US)     1 / 30  
Eek... Thanks for the heads up!

(¯`•._.•[ .:^:. ]•._.•´¯)
¨‘°ºO.:.Oº°‘¨
KaiserWinterfeldt ¨‘°ºO.:.Oº°‘¨
R.I.P. Kayla Renee Winterfeldt & Jet Jetboy Winterfeldt
(¯`•._.•[ .::. ]•._.•´¯)
(¯`•.__.•´¯)
(¯v¯)
posted 29 December 2005 11:27 EDT (US)     2 / 30  
Thank you Zen, and Cheese. I think it'd be a good idea to download F-Prot.

Ichbinian
Oldie from RTWH!
posted 29 December 2005 15:23 EDT (US)     3 / 30  
Ah, thanks for informing us. It's quite unfortunate, I hope it doesn't last too long.

I had assumed imageshack were the ones responsible, because the only threads I've visited with images were imageshack hosted...


Bugger. The big annoyance with this is that images which were also links to other places are now just links to the image - the link to the other place is gone. Particularly annoying for people who have used Imageshack thumbnails.


[This message has been edited by Shrink (edited 12-29-2005 @ 03:31 PM).]

posted 29 December 2005 16:27 EDT (US)     4 / 30  
I'll be blunt.

It is insane to use MSIE. No one should use MSIE, unless:

1. You do a manual Windows update (and Firefox is changing even this).
2. You need to surf a site which is sabotaged by MS (e.g., MS Front Page) with code which causes the page to be rendered improperly by competitors to MS (like Opera and Firefox). Some financial sites lock you into using MSIE.

This WMF exploit is the tip of the iceberg, but the reality is that most malicious code relies on one or more of the following on your machine:

1. MSIE.
2. MSN.
3. MS Outlook/Outlook express.
4. MS Office.


If you are a private individual (e.g., not a corporate user, forced by your IT department to use Outlook, e.g.), then do not use these programs.

There are a lot of "whys" and contentious fingerpointing about this, depending on one's BIAS. To cut to the chase, who cares about excuses. This is current reality in the MS PC world. Protect yourself as best you can, and avoid these if your usage pattern leaves you susceptible (vulnerable) to attack.

F-prot is a good AV program. I have used it since it was first introduced. NOD32 is best, and will automatically update NOD32 users (like me) within hours. AVG is good, and it is free.

On the other hand... (being blunt), if you have Norton or McAfee, then it is my opinion you should back up your system, repartition, and install a fresh OS, and never allow Symantec products or McAfee products to touch it. Use NOD32, Panda, AVG, or F-Prot. NOD32 is far away the best for gamers.

For e-mail on the PC, Eudora is the best. I cannot tell you of the hundreds of virus attachments Eudora has "caught" when I have had AV turned off... the virus will sit dormant (harmless) in the download directory, because it did not get downloaded into Outlook or OE. Do I run with AV off? Until NOD32, yes. But then I know a lot about them, and how to remove and defeat the few that slip through my "unprotected" machine... now (since October) I just NOD and forget it.

Of course, I could fill several hundred pages with caveats and technical explanations, and "reasons" why blah blah blah... but who cares. Just protect yourself.


Simple formula for the Spoon-fed:

1. Use Firefox 1.5 or Opera 8.51 + Languages.
2. Use NOD32.
3. Use Open Office 2.0.1.
4. Use Anti spyware (Spybot+Spyware Blaster 3.4).
5. Use Eudora.

It's all free, and it's all the best (for average users). NOD32 is 30-day free trial.

posted 29 December 2005 17:22 EDT (US)     5 / 30  
Thanks Wartrain.

Ichbinian
Oldie from RTWH!
posted 29 December 2005 17:39 EDT (US)     6 / 30  

Quote:

It is insane to use MSIE. No one should use MSIE, unless:

It's amazing. I've been telling everyone here that for a year. They absolutely refuse to listen to me, calling me a Firefox fanboy. I bet they'll see that you said it and immediately download another browser.

At any rate, this sucks for me because, by and large, I use my Mac for browsing the forums. Though, at the moment I'm on my PC. At any rate, this is hardly surprising. Now taking bets on how long it'll take Microsoft to patch this exploit.


We are all in the gutter, but some of us are looking at the stars.
posted 29 December 2005 19:04 EDT (US)     7 / 30  
OMG THERES A BACKDOOR TO WINDOWS!! P#34r!!one!![/sarcasm]

Thanks for the info guys.


____/----\----(¯\--(-8-)--/¯)----/----\____
----•(¯\-{/\} /\ ¯][¯ (¯ }{ |- (_) [_ - () |\| |¯-)•----
¯¯¯¯\----/----(_/-(-8-)-\_)----\----/¯¯¯¯
posted 30 December 2005 11:40 EDT (US)     8 / 30  

Quote:

This WMF exploit is the tip of the iceberg, but the reality is that most malicious code relies on one or more of the following on your machine:

1. MSIE.
2. MSN.
3. MS Outlook/Outlook express.
4. MS Office.


I have all of these, but never use Outlook or IE and only use MSN occasionally.

Would using Windows Search find WMF files that have been renamed as well as those that haven't?


Rome: Total War Heaven | Medieval II: Total War Heaven | Empire: Total War Heaven
"Do not stand behind Satan in the Post Office queue because the devil takes many forms."
"Your front-page picture of Kate Winslet with a plunging neckline being up for two golden globes was most appropriate."

Unpublished letters to the Daily Telegraph
posted 30 December 2005 13:28 EDT (US)     9 / 30  
Firefox/Thunderbird in the house. ^_^

Unfortunately I'm a member of the dark side when it comes to IM and Office programs. I hate Open Office, and I love MSN Messenger.


Adder |
"I would like to wonder if Adder always acts like a stuck up asshole?" - Coldviper
posted 30 December 2005 14:15 EDT (US)     10 / 30  

Quote:

Would using Windows Search find WMF files that have been renamed as well as those that haven't?


No (unless you search for an embedded string). But be sure to turn off the explorer preview, if you think you might have a problem with some files.

About people using the programs I listed earlier... you can, and it's not a sin if you use them (or, gasp, even *like* them)... but people should just be aware that there can be a problem.

For instance, the MS OS has a disgusting secret called Alexa Spyware in it... most people are unaware of it, but some of us like to hunt that stuff down and remove it. We just don't like people (even MS), watching, infiltrating and infesting our daily life.
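
Added example, not part of any post in this thread: the question above (finding WMF files that have been renamed) comes down to checking file content instead of the extension, which is also how the first post says Windows decides what to parse. The sketch below recognises the metafile header in any file and, going one step further than the thread, walks the records looking for the Escape call a later post refers to as SETABORT (named SETABORTPROC in the metafile format). The function names `inspect_wmf`, `scan_tree` and `make_sample` are hypothetical, and the sample records are constructed and carry no payload.

```python
import struct
import sys
from pathlib import Path

PLACEABLE_MAGIC = b"\xd7\xcd\xc6\x9a"  # optional 22-byte "placeable" prefix
META_ESCAPE = 0x0626                    # record function number for Escape
SETABORTPROC = 0x0009                   # escape number the thread calls SETABORT


def inspect_wmf(data):
    """Return None if data does not start with a WMF header, otherwise a
    dict saying whether an Escape/SETABORTPROC record was seen."""
    off = 22 if data[:4] == PLACEABLE_MAGIC else 0
    if len(data) < off + 18:
        return None
    ftype, header_words, version = struct.unpack_from("<HHH", data, off)
    if ftype not in (1, 2) or header_words != 9 or version not in (0x0100, 0x0300):
        return None
    pos, found = off + 18, False
    while pos + 6 <= len(data):
        size_words, func = struct.unpack_from("<IH", data, pos)
        if size_words < 3 or func == 0:      # malformed size or end-of-file record
            break
        if func == META_ESCAPE and pos + 8 <= len(data):
            if struct.unpack_from("<H", data, pos + 6)[0] == SETABORTPROC:
                found = True
                break
        pos += size_words * 2                # record sizes are in 16-bit words
    return {"abort_escape": found}


def scan_tree(root, max_bytes=4 * 1024 * 1024):
    """List (file name, extension_is_not_wmf, abort_escape) for every file
    under root whose content is a WMF, whatever it is named."""
    hits = []
    for path in sorted(Path(root).rglob("*")):
        if not path.is_file():
            continue
        try:
            with path.open("rb") as fh:
                info = inspect_wmf(fh.read(max_bytes))
        except OSError:
            continue                         # unreadable file: skip, keep scanning
        if info is not None:
            hits.append((path.name, path.suffix.lower() != ".wmf", info["abort_escape"]))
    return hits


# Constructed sample records (no payload data), used only to exercise the scanner.
EOF_RECORD = struct.pack("<IH", 3, 0)
BENIGN_RECORD = struct.pack("<IHH", 4, 0x0102, 1)            # SetBkMode
ESC_RECORD = struct.pack("<IHHH", 5, META_ESCAPE, SETABORTPROC, 0)


def make_sample(records):
    """Constructed 18-byte WMF header followed by the given records."""
    words = (18 + len(records)) // 2
    return struct.pack("<HHHIHIH", 1, 9, 0x0300, words, 0, 5, 0) + records


if __name__ == "__main__":
    for name, renamed, abort in scan_tree(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(name, "RENAMED" if renamed else "", "ABORT-ESCAPE" if abort else "")
```

A file that matches the header while carrying a .jpg, .gif or .png name is worth a closer look on its own; the record walk stops at the first malformed record, so a clean result on a damaged file is not proof that it is harmless.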

posted 30 December 2005 16:37 EDT (US)     11 / 30  
Honestly, I don't understand a single word of any of this technical stuff. But thanks for watchin out for us, Wartrain. I already use Firefox, and I downloaded NOD the other night (the first night you posted the thread in the tech forums).

(¯`•._.•[ .:^:. ]•._.•´¯)
¨‘°ºO.:.Oº°‘¨
KaiserWinterfeldt ¨‘°ºO.:.Oº°‘¨
R.I.P. Kayla Renee Winterfeldt & Jet Jetboy Winterfeldt
(¯`•._.•[ .::. ]•._.•´¯)
(¯`•.__.•´¯)
(¯v¯)
posted 31 December 2005 05:13 EDT (US)     12 / 30  

Quote:

I love MSN Messenger.

HERETIC!!!

Oh wait, I find myself guilty too... to some extent.
But one thing is for sure; I would never dream about downloading the most recent version of it, for many reasons.


GLORYOFSPARTA | RTWH and M2TWH Site Director, AoMH Game Information Admin, HeavenGames LLC
AoMH | RTWH | M2TWH | Ancient Greek Festival - 3rd to 4th of June in Watford, UK, 2006.
"Whoever obeys the gods, to him they particularly listen." - Homer
"GoS OWNS for being female and liking The Simpsons and Rammstein." - Crazed Ewok

[This message has been edited by GloryofSparta (edited 12-31-2005 @ 05:14 AM).]

posted 31 December 2005 11:30 EDT (US)     13 / 30  
I'm really starting to hate both NOD and McAfee. First, I scanned my system and it picked up a large number of serious viruses, but the program won't allow me to quarantine, delete, or do anything to the file. All the options, except cancel/continue, are grayed out. What the hell good is an anti-virus if you can't clean your system? Now, since I scanned, McAfee keeps popping up, of all things, trojan warnings.

(¯`•._.•[ .:^:. ]•._.•´¯)
¨‘°ºO.:.Oº°‘¨
KaiserWinterfeldt ¨‘°ºO.:.Oº°‘¨
R.I.P. Kayla Renee Winterfeldt & Jet Jetboy Winterfeldt
(¯`•._.•[ .::. ]•._.•´¯)
(¯`•.__.•´¯)
(¯v¯)
posted 31 December 2005 11:35 EDT (US)     14 / 30  
oops, wrong thread. sry.

(¯`•._.•[ .:^:. ]•._.•´¯)
¨‘°ºO.:.Oº°‘¨
KaiserWinterfeldt ¨‘°ºO.:.Oº°‘¨
R.I.P. Kayla Renee Winterfeldt & Jet Jetboy Winterfeldt
(¯`•._.•[ .::. ]•._.•´¯)
(¯`•.__.•´¯)
(¯v¯)

[This message has been edited by KaiserWinterfeldt (edited 12-31-2005 @ 11:37 AM).]

posted 04 January 2006 11:47 EDT (US)     15 / 30  
On 10Jan2005, MS might have an official answer to fixing the defective Windows OS, regarding the WMF/image exploits:

Quoted from CNN:

Microsoft hopes to have virus patch next week

Wednesday, January 4, 2006; Posted: 10:35 a.m. EST (15:35 GMT)


NEW YORK (Reuters) -- Microsoft Corp said it hopes to have a patch ready next week to fix the most recent flaw found in its Windows program -- a flaw that could leave computers vulnerable to a virus.

The software giant said in a statement it had "completed development of a security update to fix the vulnerability" that it discovered last week.

The update is being finalized and the company hopes to release it on January 10.

Microsoft added it has been monitoring any attempts to attack the vulnerability in Windows.

"Although the issue is serious and the attacks are being attempted, Microsoft's intelligence sources indicate that the scope of the attacks is limited," it said.

The flaw in the system lets computers come under attack if users visit harmful Web sites or open e-mail attachments.

Until the patch is released, Microsoft said computer users should be careful not to visit unfamiliar Web sites.

posted 04 January 2006 18:27 EDT (US)     16 / 30  
I have been using and testing the for the last day, and it has worked well. The wmf_checker_hexblog.exe tests the system, as advertized. This is the screenshot of the test, after the wmffix_hexblog14.exe patch is applied:

If you are surfing sites that you are not 100% sure of during the next week, or until not only MS releases its "fix", but experts test the stability of that fix for a day or two after its release (expected on the 10th of Jan), then you may want to use this non-MS fix, which does seem to work without causing problems:

http://www.grc.com/sn/notes-020.htm

This fix has been tested with a leaked version of the Official MS fix due on the 10th, and it is compatible (as expected)... no problems. So personally, I'm using Ilfak's WMF patch utility until a stable MS fix is done. There are over 100 known exploits now, so IMHO it's unsafe to web-surf unless protected.

posted 04 January 2006 19:43 EDT (US)     17 / 30  
Wow, I am somewhat surprised such a small program can fix such a large problem! But I ran the check and it says my system is invulnerable, so I am very much grateful to you, Wartrain!

(¯`•._.•[ .:^:. ]•._.•´¯)
¨‘°ºO.:.Oº°‘¨
KaiserWinterfeldt ¨‘°ºO.:.Oº°‘¨
R.I.P. Kayla Renee Winterfeldt & Jet Jetboy Winterfeldt
(¯`•._.•[ .::. ]•._.•´¯)
(¯`•.__.•´¯)
(¯v¯)
posted 05 January 2006 15:51 EDT (US)     18 / 30  
Due to the high risk of this flaw, Microsoft has released the Patch today instead of Tuesday. You can and should download the Patch immediately at the Microsoft Download Center or via Windows Update.

Cheers

[This message has been edited by Saltuarius (edited 01-05-2006 @ 03:53 PM).]

posted 05 January 2006 21:26 EDT (US)     19 / 30  
Stunning Reversal: MS releases WMF cure immediately!

A few minutes ago, Mike Nash (the Corporate Vice President responsible for security at Microsoft) suddenly announced MS would release the fix for the WMF Vulnerability problem immediately. Yesterday, MS officially said they would not release it until the 10th, despite having completed the fix on December 28th. This is what has caused HeavenGames and other sites to shut down graphics in order to protect site visitors while awaiting the official MS solution to this critical Windows XP defect. Mike published an open letter today "explaining" why MS reversed course and abruptly decided to release the cure they've had for a week already: first, "we have an update that we believe in" and second, "a number of customers are seeing exploit traffic hitting their ... systems." Frankly, this means MS took strong criticism yesterday for withholding the cure since December 28th, while letting people with XP or 2000 get exploited worldwide.

It is very important to note that the cure will only be available to users of Windows XP and Windows 2000. However, all versions of Windows are affected, including Windows 98, 98SE, and ME. The official "explanation" from MS is that "the vulnerability is not critical because an exploitable attack vector has not been identified that would yield a Critical severity rating for these versions." MS classifies the Win98 issue as "a vulnerability whose exploitation could result in compromise of the confidentiality, integrity, or availability of users data, or of the integrity or availability of processing resources." In straight talk, this means that MS would prefer you buy a newer OS, and leaving you open for exploit this time will simply help open your wallet.

If you have Windows XP or Windows 2000, you should download and install this critical fix immediately. If you have any other MS OS, then Micro$oft has totally abandoned you, and you are on your own.

More Info: Microsoft Security Bulletin MS06001 (Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution)

Download the official MS WMF Exploit Fix: Security Update for Windows XP (KB912919)

posted 05 January 2006 21:27 EDT (US)     20 / 30  
Now for the GOOD NEWS for Windows 95, 98, 98SE, ME, and NT(?) users. Although M$ has officially decided that you do not deserve the much-needed fix of the defective MS files (that MS is already able to provide, but will not because of corporate greed), others are not so evil.

In particular, a man I have known of since the 1980's when he developed the first releases of SpinRite, Steve Gibson, has publicly promised to provide a permanent fix for those that Microsoft has abandoned... if MS does not do it themselves. It turns out that Microsoft has simply now "reclassified" the WMF vulnerability in Windows 95, 98, and ME as "non-critical", instead of just fixing it.

To put the blame exactly where it goes, here is the blunt truth:

1. MS is the richest company in the world.
2. MS can easily fix all Windows OSs, not just 2000 and XP.
3. MS created the dangerous and defective GDI32.DLL responsible for this exploit.
4. MS created the old WMF "SETABORT" command from metafile processing. It is this unnecessary command that gives hackers and the world total control of your machine if you read e-mail or surf the web.
5. The SETABORT command can simply be disabled in all MS OSs. Problem easily solved, case closed.
6. MS rightly classifies the exploit of XP & 2000 owners as "critical".
7. Today, MS reclassified everyone else [getting electronically raped] as "non-critical" and undeserving of help to fix this problem caused solely and completely by the inadequate and defective programming of their own MS employees.
8. In short, MS caused the problem. MS can fix it. But they will not.
9. MS will be unleashing a new and sinister OS called Vista, supposedly on December 31st, 2006. MS would prefer that right now, this instant, that Win98 & WinME owners rush out and buy, usually for $200 to $500, their XP OS. Then buy the new Vista OS in a few months. Questions?

To summarize, help will soon be available from others, if MS does not relent and fix all Windows OSs.


------------------------------------------------------------ ------------

Note: The sinister nature of Vista (Codenamed 'Longhorn') has been known for 4 years to those of us who are aware of MS corporate goals and policy, and understand OS design. It is way beyond the scope of this post, and still dependent on the final resolution of court actions blocking MS using the more sinister parts of Vista, but MS Vista's real purpose is actually to take total control of your machine, all files you create or have created, and everything you do.

People who use Intel P4 processors for the last 2 years have unwittingly been funding and purchasing the instrument of their unconditional surrender to MS and their plans to do nothing less than assume control of all PCs that run MS Vista and XP SP3 (to be released shortly after Vista, according to Bill) in the world. In 2002, MS announced that they had forced Intel to include the hardware on every P4 chip, at the cost of over $100,000,000 collectively, after Fall, 2004. This will take control of your machine, and all you do, and all you have ever done... the new code-speak for this, given the strong negative reaction in the US to the MS/Intel code-name Palladium and the now-sinister connotation it carries, is now TCPA (Trusted Computing Platform Alliance), or "Trusted Computing" for MS propaganda short use. A total misnomer.

MS has told US judges "trust us" we won't "do" anything with everyone's secrets and we won't "do" anything with secret control of their machines. One judge asked if that were so, why did MS and Intel secretly collaborate and spend over a hundred million dollars since the year 2000 to develop technology that can take over all MS-operating system PCs on planet earth and beyond, and then testify that they would never use that expensive technology? It makes no sense, unless MS were lying, and the judge knew it. "Trust us, we're Microsoft" -- Bill Gates offered in defense of being caught in a lie. And the judge let it go. Money is power.

Assuming MS unleashes Vista as they have planned to do in December, it will mark the end of PC computing in a Windows environment as we know it today. Most of us will be transitioned to Linux by the end of this year (2006) anyway.

The irony is that those who know technology have always known that a greedy billion-dollar company would secretly invade average users' windows-based PCs, realistically in 2007. We were wrong. It happened in 2005, and the corporate evil responsible for the first sinister takeover of users' PCs was not Microsoft (with their thankfully-delayed trojan Vista "OS"), but Sony BMG, using "ordinary" audio CDs!

[This message has been edited by Wartrain (edited 01-05-2006 @ 10:30 PM).]

posted 05 January 2006 22:36 EDT (US)     21 / 30  
A friend of mine runs a movie-cg company here in town, and had to ban all staff from bringing in any Sony/BMG music cd's for use on any of the systems for fear of problems (we're talking several thousand dollars of hardware and software per computer)...the funny thing is that one of their main backers, and the company responsible for providing some of their most expensive equipment, is Sony.

Cats, Sex and Nazis...That's why they call me Mr. Happy
*****
Proud Purveyor of Panda Porn...You know you want it!
Things I'm Not Allowed To Do While Gaming
posted 05 January 2006 23:02 EDT (US)     22 / 30  
At this exact moment, my PC is now downloading (via Automatic Updates in XP) the MS WMF exploit fix. Note the timestamp. On this PC, I did not apply the fix, and turned auto-updates to "Download updates for me, but let me choose when to install them". Normally, auto-updates is off until I manually instruct XP to update, or DL and apply the update myself.

So MS gets pretty good marks for downloading the WMF fix reasonably promptly to me here in Sweden (within 4 or 5 hours of official MS release).

EDIT: Here is the screenshot .

[This message has been edited by Wartrain (edited 01-05-2006 @ 11:08 PM).]

posted 06 January 2006 13:31 EDT (US)     23 / 30  
XP automatically downloaded the fix for me

So, now that the fix is out, will HG turn on images again?


(¯`•._.•[ .:^:. ]•._.•´¯)
¨‘°ºO.:.Oº°‘¨
KaiserWinterfeldt ¨‘°ºO.:.Oº°‘¨
R.I.P. Kayla Renee Winterfeldt & Jet Jetboy Winterfeldt
(¯`•._.•[ .::. ]•._.•´¯)
(¯`•.__.•´¯)
(¯v¯)
posted 12 January 2006 06:04 EDT (US)     24 / 30  
Will we get an answer to that? It has gone 6 days now since the question was asked.

llllllllllllllllllllllllllllllllllllllllllllllllllllllll
llllllllllllllllllllllllllllllllllllllllllllllllllllllll
llllllllllllllllllllllllllllllllllllllllllllllllllllllll
llllllllllllllllllllllllllllllllllllllllllllllllllllllll
llllllllllllllllllllllllllllllllllllllllllllllllllllllll
llllllllllllllllllllllllllllllllllllllllllllllllllllllll
posted 12 January 2006 11:59 EDT (US)     25 / 30  
I'll ask it again too. However, I'm sure that certain issues of HG security and validating that everything is OK, plus to realize that people maintaining the technical side of the forums are volunteers with a lot to do... that's my educated guess anyway.