-->

  Friday, December 13, 2019

Home

Services

Systems

Technical Support

Virus Prevention
and Detection


Spyware Prevention
and Detection


Personal Computer
Support Contract


Domains by Landmark

Web Sites by Landmark

Remote Support by Landmark

Adventures of Landmark Lad

Testimonials

About Us

Elevator Speech

Privacy Policy

Contact Us



About this site

Welcome to the Landmark Web, your guide to the issues surrounding personal computing and effective use of your own PC. We've made many resources available here: from broad-based news and views about the computing industry to specific technical support for you and your computer. So dig in and learn more about your computer and the Internet with Landmark as your guide.


Tell a friend about this page!

Landmark Computer Labs wants everyone to know about the useful information we provide to clients and friends.


We use this address only to tell the recipient who sent the message. We do not save or re-use it in any way.
Click here for this site's
Privacy Policy.

Patch for Windows Meta File Vulnerability

Note: This issue has been resolved and is posted here for archival purposes only.

Ilfak Guilfanov's Windows MetaFile fix from Hexblog.com is an emergency patch for the Windows Meta File flaw discovered in late December 2005. The vulnerability affects users of Windows 2000 and Windows XP.
 
Click on Bud's Blog for details about the Windows Meta File vulnerability and why it is so critical. Click here to run a vulnerability checker that can confirm that your computer needs the WMF fix. Click here to download the patch itself (Windows MetaFile fix).
 
(Links removed.)
 
Read carefully: While it is not approved by Microsoft, respected Internet sources claim that the fix effectively blocks hacker exploits using the WMF vulnerability. There are side effects: You won't be able to view photo thumbnails in Windows Explorer, for example.
 
The Microsoft patch is expected on January 10; here's the company statement about this Windows vulnerability. Microsoft notes that "the issue is serious and the attacks are being attempted . . . (although) attacks exploiting the WMF vulnerability are being effectively mitigated by anti-virus companies with up-to-date signatures."
 
Until Microsoft can release a fix, the company advises that "Users should take care not to visit unfamiliar or untrusted Web sites that could potentially host the malicious code."
 
Here's a link to the Hexblog FAQ on the WMF vulnerability, and a link to Steve Gibson's notes at Gibson Research Corp. Steve and Ilfak are both highly respected software gurus.
 
George Ou, writing for ZDNet in his January 4 blog, concurs that you need to install this patch now.
 
Note: This is a brand-new patch for a serious software vulnerability. We believe it is in your best interest to download and install this file. We have done it ourselves on our own computers. However, we cannot take responsibility for system problems resulting from this patch. Use it at your own risk!
 
Once Microsoft posts its own patch, we suggest you download and install the official Microsoft fix, using the Windows Update procedure. After the computer reboots following installation of the patch, you can safely remove the temporary WMF patch (Control Panel / Add/Remove Programs / WMFHotFix).
 

Note: The following was written after the Windows Meta File vulnerability issue was resolved.

Microsoft released its own fix much earlier than expected, and you should now use that instead of the temporary patch. If you're not sure whether your computer has the official fix, go to Windows Updates (Start / All Programs / Windows Update) and get the latest "express" updates. Your computer will download the patch and then reboot. (If you got a Windows patch in the last couple of days that forced you to reboot, that's the one!)

AFTER you are sure you have the official patch, make sure you uninstall the "unofficial" one. You'll find it under Control Panel / Add or Remove Programs / WMFHotFix, MSI Version 1.


Free newsletter: Sign up now!

Sign me up!

The View from Landmark . . .

. . . a periodic electronic publication designed to inform subscribers of trends and issues in personal computing. Each issue features a variety of topics:

  • the latest on viruses, spam, and Internet security,
  • hardware and software technologies explained in simple English,
  • email, Web site, and
    Internet marketing tips,
  • and much more.

We invite you to visit The View from Landmark. Read our Preview Editions and sign up for a free subscription. We'll try to make it worth your while, and we promise we'll never spam you!

The View from Landmark -- a free email newsletter designed to help you make the most of your personal computer

Above: Evening rush hour in Landmark's Condo Canyon.


Other Web sites of particular interest to our clients:

Ameri-Tech Concepts, Inc. (Customer site: Remanufactured cartridges for laser printers)

Ameri-Tech Concepts, Inc. (Remanufacturers site: Tools and chemicals for cartridge remanufacturing)

Law Offices of Richard S. Stolker and Uptown Law, LLC (Regional law firm serving the Washington, DC metropolitan area)

Metropolitan Washington Mensa (Washington, DC chapter of this high-IQ social organization)

WMF-vulnerability-resolved.shtml     |     Updated Wednesday, November 8, 2006
Landmark Computer Labs, Domains by Landmark, and Landmark Ameritech are registered trade names of Landmark Computer Laboratories, Inc.
Copyright © 1981-2017 Landmark Computer Laboratories, Inc.     |     Privacy Policy     |     Contact Us