You are here:
  1. Home
  2. Blog
  3. Geek
  4. MS Win WMF exploit

MS Win WMF exploit

 |  Geek

I wasn’t going to blog about the new Windows Exploit because I know quite a few people already have, but as it turns out: Microsoft are being slow as usual and won’t be patching the issue until approx’ January 9th. The exploit is becoming incredibly widespread, new variants are popping up everywhere and apparently spyware companies have been using banner adverts to spread it so it’s relatively serious.

Anyhow, to help protect you until Microsoft release an official patch, you can take the following couple o’ steps…

1. Unregister shimgvw.dll by by going to START, Run and pasting in the following, then clicking enter:

regsvr32 -u %windir%/system32/shimgvw.dll

When all the fuss is over you can repeat the steps, only type in regsvr32 shimgvw.dll instead. This’ll re-register the file.

2. Download the unofficial patch. This is a direct link and will start the download. The patch is being offered from the SANS Internet Storm Center who have said the following:

This is a bad situation that will only get worse. The very best response that our collective wisdom can create is contained in this advice – unregister shimgvw.dll and use the unofficial patch. You need to trust us. […]

I haven’t downloaded the patch so I have no idea how big it is or what exactly it does, but then I’m rather unworried. Not because I doubt the severity of the thing, just ’cause I got me some Ubuntu magic to boot into if I need to. ;)

Edit: Microsoft obviously took the hint: official patch.

Jem Turner +44(0)7521056376

Comments are closed.

Follow on Instagram