Temporary WMF Exploit Patch Available!

Monday, January 2nd, 2006
by Lockergnome

Ilfak Guilfanov, well known in “reverse engineering” circles for his wildly popular IDA Disassembler, needed a temporary patch for his own system due to the seriousness of the WMF vulnerability, so he wrote one!

This safely and “dynamically patches” the vulnerable function in Windows to neuter it and, after rebooting, renders any Windows 2000, XP, 64-bit XP and 2003 systems completely invulnerable to exploitation of the Windows Metafile vulnerability.

Please Note: Unlike the “DLL unregister” recommendation offered by Microsoft (see RED box below) Ilfak’s patch completely eliminates the vulnerability. Therefore, until Microsoft is able to update and repair their vulnerable GDI32.DLL, this is what you should use. You do NOT need to unregister the DLL.

You SHOULD REMOVE THIS PATCH to restore full functionality to Windows Metafile processing once WIndows has been officially updated and repaired.

To Remove: Simply open the Windows Control Panel “Add/Remove Programs,” where you will find the “Windows WMF Metafile Vulnerability HotFix” listed. Remove it, then reboot.

[Continue reading Temporary WMF Exploit Patch Available!]

[Download Ilfak's Temporary WMF Patch FREE]

[tags]steve gibson,wmf,windows metafile,.wmf,grc,gibson research[/tags]

What Do You Think?

Want to Start a Blog Here for Free?

Are you an expert in one subject or another? If your goal is to help others and dispense your hard-earned information back to the community, get involved in our community site today! You can write about anything - no matter the topic. Exceptional candidates will be offered the chance to contribute to (and generate revenue from) the main Lockergnome site. Join us today!