Try any of the following.....
toolbarbiz[dot]biz toolbarsite[dot]biz toolbartraff[dot]biz toolbarurl[dot]biz buytoolbar[dot]biz buytraff[dot]biz iframebiz[dot]biz iframecash[dot]biz iframesite[dot]biz iframetraff[dot]biz iframeurl[dot]biz
Graham
Try any of the following.....
toolbarbiz[dot]biz toolbarsite[dot]biz toolbartraff[dot]biz toolbarurl[dot]biz buytoolbar[dot]biz buytraff[dot]biz iframebiz[dot]biz iframecash[dot]biz iframesite[dot]biz iframetraff[dot]biz iframeurl[dot]biz
Graham
What about Mozilla, which I use? Same problem with that? Also, under tools/folder options/file types in XP I don't see the .wmf listed?
-- Dirk The Consensus:- The political party for the new millenium http://www.theconsensus.org
"Winfield Hill" schreef in bericht news: snipped-for-privacy@drn.newsguy.com...
Yes, thanks. McAfee rates the risk as "low", both for the home users and for the corporate users:
Symantec does not even bother to mention it.
I hereby cancel my earlier advice to install MSDOS 2.0.
-- Thanks, Frank. (remove 'q' and '.invalid' when replying by email)
I have IBM's Dos2000.
John
IIRC, Firefox is set by default to use the Windows Media Player for wmf files. Since WMP doesn't understand wmf, it fails without executing the malware. An example of a teeny bug that turns out to be favorable. The full-up Mozilla may work similarly.
However, the attack file is still possibly in the browser cache and, as with the quarantine route mentioned above, if there's a background indexing program that "touches" the file (either in cache or quarantine) then the payload may be executed. I don't run any indexers and set up the auto-download to quarantine just to see whether anything is caught.
To be safe, I'd recommend installing the hotpatch by Ilfak Guilfanov, discussed at
-- Rich Webb Norfolk, VA
Problem with that is, that if they removed all of the 'dumbfuck "features"', there wouldn't be any Windoze left! ;-P
Cheers! Rich Maybe we should go back to CP/M! ;-D
The whole thing could probably be nipped in the bud, and most viruses, worms, and such, if people could be taught to not do their day-to-day stuff while logged in as administrator, but to create user accounts that don't have permission to install executable programs, and especially that don't have permission to overwrite system files.
Or, run Linux. :-)
Cheers! Rich
I probably wouldn't care - My RV would probably float. ;-P
Cheers! Rich
An error occurred while loading
An error occurred while loading
An error occurred while loading
At this point, I gave up.
Thanks anyway! Rich
A wmf file can be renamed by the exploiter to .jpg, .gif, .bmp, anything. Windows, stupid and voracious as it is, can be fed "file.jpg" but will execute it as a wmf. So just dumping wmf files isn't good enough. Such a file can merely be *in a folder*, not even opened, and do its thing.
Install the patch!
Oh, I looked all over the Microsoft security site and can find no mention of this exploit. How come some freelance blogger can write a fix in hours, and Microsoft stays silent?
John
I posted from a thread on a MS user board, but a half-week into the exploit loose in the wild, MS is staying quiet.
Damn, I thought were were safe if the image file had a jpg or gif extention. Sheesh!
I hate class-action lawsuits, but damn it, we need to hold Microsoft's hand over the flames. The 0.5 to 1B settlements they've been making every few months lately for their illegal unfair competition, etc., have not had any noticable effect on how they compete, nor on their lack of frank communication with their users. They continue as if nothing was happening.
-- Thanks, - Win
Yeah, using OS/2 I can go anywhere and do anything, like Conan the Barbarian. If I weren't a middle aged married guy with kids in college I might get dangerously excited....
Cheers,
Phil Hobbs
Some folks may still think that Opera is adware/payware. Since September 2005 it has been freeware. The screen-area-using, bandwidth-wasting ad frame that used to be in the non-payware version is gone.
Or they could simply remove the dumbfuck *features* of Windoze !
Graham
Google's text-only ads look better and better every day.
I usually feed the URL into the HTML Validator Service offered by the folks who maintain the HTML standard:
Nautilus whines if you try to open a WMF which has the wrong extension. It only lets you do it by selecting the application, and the warning indicates that the file can do damage.
I wouldn't trust linux to protect you on on this one, particularly if you like to run as root.
-- Regards, Bob Monsen "Physiological experiment on animals is justifiable for real investigation, but not for mere damnable and detestable curiosity." -- Charles Darwin
Had several other similar alerts, and it clearly needs taking very seriously.
On mine and my wife's PC (both XP Home) I've taken the basic steps recommended in several places:
...and rebooted.
One possible downside of the first is that it seems to prevent my viewing photos (JPGs) in Thumbnail mode. I have re-instated it with Run | regsvr32 shimgvw.dll and immediately got thumbnails back. Anyone else able to confirm this please?
There is also a Vulnerability Checker wmf_checker_hexblog.exe available here:
-- Terry Pinnell Hobbyist, West Sussex, UK
http://66.102.7.104/search?q=cache:MPS64sO97MsJ:slashdot.org/article.sid=04/10/19/0236213%26threshold=5%26mode=nested+IE-Shines-On-Broken-Code+IE-was-dynamically-rewriting-my-JavaScript-replacing-the-incorrect-delimiters-with-the-correct-ones
Looked ok to me (on firefox 1.5).
It has just occurred to me that google could do the world a service by "marking down" pages that fail these tests!
-- John Devereux
Quiet?
C'mon, you're safe as ever and you're devaluating the word 'sheesh' if you use it to often and without reason. McAfee says "low risk". Trend Micro Antivirus says "low risk". Ha, Kapersky says "moderate risk". Now make that backup and complain no more. If you want something to worry about, there's always GWB and idiots like JT.
Ah, that's where the shoe hurts. Fair enough ;)
-- Thanks, Frank. (remove 'q' and '.invalid' when replying by email)
ElectronDepot website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.