Sunday, January 01, 2006

MetaFile Problems Continue..

The SANS Institute's Internet Storm Center (ISC) has raised the infocon level back to yellow, based on the metafile issues that were announced December 28. F-Secure has announced the discovery of using .jpeg attachments in email to propogate this virus/vulnerability and the irresponsible disclosure by FRIST.

There is a temporary patch that is being recommended by the ISC written by Ilfak Guilfanov that will mitigate the problem. The patch can be downloaded at

You are still HIGHLY recommended to unregister the dll I listed on December 28th in addition to this patch.

SECURE YOUR COMPUTER. I will be testing it at home and will let post if there are any problems noticed.

Update - 1/3/06 - I have had no issue with the patch so far. Microsoft is scheduled to release their patch on 1/10/06, depending on the results of their testing. The patch put out by Ilfak can be easily uninstalled and should be when Microsoft releases their patch.


Post a Comment

<< Home