This has hit the wild, and although everyone's reported it already, there is a workaround and something to note about Dial-a-fix, so I figure I should let the users of my site know about it.
Basically, it is an exploit that affects WMF (Windows Metafile, i.e. clipart) files via a bug in shimgvw.dll. This is kind of similar to the JPEG exploit from a while back.
More info: http://www.securityfocus.com/brief/89
To sort-of work around this, you can go to Start > Run > and type regsvr32 /u shimgvw.dll. Dial-a-fix *does* register this DLL via the Shell checkmark on the More… dialog, so if you use that section of Dial-a-fix and want to stay protected from WMF files until Microsoft issues a patch, you must regsvr32 /u shimgvw.dll again after using that section of Dial-a-fix.
Note that there will be a loss in functionality in various sections of Windows, as shimgvw.dll does a lot of things for XP, not just thumbnails and Picture and Fax Viewer.
Firefox is not directly affected, but if you open or save the WMF file when prompted, you will then be attacked (when shimgvw.dll creates a thumbnail of the WMF, or if you open it from Firefox).
BugTraq update:
If the exploit file is named with another graphics extension (e.g. .gif, .jpg, .png, .tif), the GDI library will still read it correctly as a WMF file and execute the exploit. As a result, all common graphics files can carry the exploit.