More news today at SANs on the WMF exploit situation.
Metasploit, a well-known “white hat” group that comes up with code for exploits to test network systems, has come up with a new way to use the WMF exploit to “bypass all known IDS signatures”.
Link here.
And new ways to install the unofficial hotfix, silently and via a script.
So what’s your best defense? We recommend doing the following two simple steps:
1. Apply the unofficial hotfix.
2. Unregister shimgvw.dll.
Of course, antivirus protection is essential these days, and if you’re on a budget, you can always get one for free. Read my article on cheap and free security tools here.
My latest word from Microsoft is that there is no official timeline for a patch, but I would be quite surprised if they didn’t patch this at the very least on Tuesday the 10th. One hopes sooner…
Alex Eckelberry