1/2/2006

New High Quality Temporary WMF Vulnerability Fix

Filed under: — By Aviran Mordo @ 9:00 am

Ilfak Guilfanov, well known in “reverse engineering” circles for his wildly popular IDA Disassembler, needed a temporary patch for his own system due to the seriousness of the WMF vulnerability . . . so he wrote one!

This safely and “dynamically patches” the vulnerable function in Windows to neuter it and, after rebooting, renders any Windows 2000, XP, 64-bit XP and 2003 systems completely invulnerable to exploitation of the Windows Metafile vulnerability.

Please Note: Unlike the “DLL unregister” recommendation offered by Microsoft (see RED box below) Ilfak’s patch completely eliminates the vulnerability. Therefore, until Microsoft is able to update and repair their vulnerable GDI32.DLL, this is what you should use. You do NOT need to unregister the DLL as described in the RED box below.

You SHOULD REMOVE THIS PATCH to restore full functionality to Windows Metafile processing once WIndows has been officially updated and repaired.

To Remove: Simply open the Windows Control Panel “Add/Remove Programs”, where you will find the “Windows WMF Metafile Vulnerability HotFix” listed. Remove it, then reboot.

Download Ilfak’s Temporary WMF Patch
291 kb — for Windows 2000, XP, 64-bit XP and 2003 server

Source: Security Now

 

Leave a Reply

You must have Javascript enabled in order to submit comments.

All fields are optional (except comment).
Some comments may be held for moderation (depends on spam filter) and not show up immediately.
Links will automatically get rel="nofollow" attribute to deter spammers.

Powered by WordPress