The Spark Between

Huge Windows Metafile vulnerability and zero-day exploit announced 12/28/2005… yes I know I’m late. If you missed it and you run any version of Windows from 98 to 2003, including ME, XP, 2k, etc, follow these steps immediately to partially secure your computer from this vulnerability that Microsoft has yet to patch:

1. Click on Start
2. Click on Run…
3. Type this command and click OK: regsvr32 -u shimgvw.dll
4. A confirmation box will appear to inform you that the DLL has been unregistered.

What did that do for you, besides protecting your computer from viruses that can install themselves just by you visiting an infected webpage? Read Steve Gibson’s detailed explanation for more information, as well as details on how to reregister that DLL once this blows over and a patch comes out.

Note: You are vulnerable to this exploit even if running Firefox or Opera instead of Internet Explorer as your web browser. Run these preventative steps now!

Further Note: Unregistering this DLL does have side effects. It will disable the thumbnail previews in Windows Explorer and other applications. This is a good thing, because it will help prevent you from infecting yourself. See the above link for more information.