There is a lot of information out on the web about a recently discovered Windows security problem that could allow a malicious website or file to run arbitrary code on your machine. This is bad.
The problem for Microsoft is simple – while a patch for the vulnerability has been created it must undergo extensive testing before they can take responsibility for rolling it out onto literally most of the computers on the planet. You don’t just hack something together and put it out there. Of course delaying is also causing them some serious PR problems.
On the other hand, a small security group that does not have the sort of corporate responsibilities that MS does can hack something together… and they did. Normally, I would advocate you wait for the official MS patch – but this thing is bad, bad, bad. I am willing to trust the SANS guys for the next week until the MS patch happens.
I put their patch in on my machines, what you do is up to you. I also ran the recommended command:
“%windir%system32regsvr32.exe -u %windir%system32shimgvw.dll”
- Microsoft Security Advisory (912840) Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution.
- The unofficial patch, as recommended by the Internet Storm Center
- Jesper’s Blog Conscientious Risk Management and WMF
- Welcome to the Microsoft Security Response Center Blog! Updated Advisory WMF Vulnerability