MS Windows WMF Security Hole Workaround01/03/2006 04:14 PM
Finally, a way to disable the WMF
security hole (it's a design
flaw, so MS hasn't released a fix for it yet and antivirus writers can't
either).
The suggested MS workaround is to disable
shell preview by unregistering the shimgvw.dll DLL. However, this
leaves applications such as Lotus Notes and Firefox that use the WMF Windows
APIs vulnerable. A clever developer named Ilfak
Guilfanov has done what MS
should have released immediately...something that patches all the Windows
DLLs and disables the WMF callbacks so customers can secure their systems
as much as possible unless they find that it disables software they need
to work (probably only graphics programs).
For a Lotus Notes-specific workaround (but this doesn't prevent other programs
from using WMF files), Julian
Robichaux has put up a way
to edit the KeyView.ini file to disable previewing of the WMF file format.
Keep in mind that Ilfak's technique covers the security hole for
*all* programs.
Ken's Blog
MS Windows WMF Security Hole Workaround01/03/2006 04:14 PM
-