[CS-FSLUG] Another Major MS Windows Security Flaw
Ed Hurst
ehurst at asisaid.com
Mon Jan 2 09:17:49 CST 2006
Frank Bax wrote:
> Perhaps because there are backslashes missing in the original quote?
>
> I suspect that perhaps:
> %windir%system32shimgvw.dll
> should be:
> %windir%\system32\shimgvw.dll
>
> Or perhaps, it's because
>
> http://weblog.infoworld.com/zeroday/archives/2005/12/new_years_eve_a.html
>
> This viruslist.com
> <http://www.viruslist.com/en/weblog?discuss=176892530&return=1>entry also
> goes on to point out that the problem seems to be in gdi32.dll and not in
> shimgvw.dll as previously thought as it is possible to exploit a system
> where shimgvw.dll has been unregistered and deleted.
In reading around on this, I detect a powerful element of hysteria.
That's not so new in itself, however in the context, it has meaning.
Over the past two years there has been a tremendous collection of
serious flaws like this found, and folks have gotten jaded -- "exploit
of the week." To see this level of panic renewed, including the multiple
false solutions, reinforces the notion this is fairly serious.
There's a part of me that really feels for the lost sheep of MS. I wrote
in my blog how goats were included in sheep herds because they are
smarter. Goats will even counter-attack if there's no place to flee from
a predator. The computing metaphor is obvious: Feeling like a goat, anyone?
--
Ed Hurst
----------
Bible Application - http://ed.asisaid.com/bible/index.html
Plain & Simple Computer Help - http://ed.asisaid.com/
Mission, Method & Means - http://ed.asisaid.com/blog/
More information about the Christiansource
mailing list