http://www.microsoft.com/technet/securi ... 12840.mspx
This one is particularly bad for several reasons:
1. It affects just about every Microsoft OS back through Windows 98
2. It is what is called a "Zero Day" flaw, meaning that the bad guys had already deployed exploits to take advantage of this flaw before the good guys even knew it existed.
3. You can be infected by simply viewing an image on a web site or in an email.
There is no fix yet, but there are several things you can do to help protect yourself:
1. Make sure your antivirus software is up-to-date and is configured to scan web content (http) and email (pop) in real time. Scanning files alone won't protect you.
2. Run the following in a command prompt to disable one of the main known vectors of attack (this will provide some protection at the expense of some loss of function - e.g. no more image previews in Explorer):
- Code: Select all
regsvr32 -u %windir%\system32\shimgvw.dll
3. Don't read email from unkown senders or follow links to unkown web sites.
4. Configure your email client to display email in plain text only.
5. Switch to Apple, Linux, etc. (sigh)
For what it is worth, using non-Microsoft browsers (Firefox, Opera) and mail readers (Thunderbird, Eudora) will not protect you. The problem lies in a lower level Window's component that third-party browsers and mail readers also utilize.
Also, for any of you who have been partially following this issue and who have implemented the registry fix, that "fix" has since been proven to be ineffective. As of now the only work-around known to provide at least some protection is the regsvr32 command in step 2 above (and as listed in Microsoft's security bulletin).