WIndows Updates were released on 11-08-05

[Wiz Feinberg]

A reminder to go to Windows Updates (PC users) for today's critical patch. Yes, there is only one today, plus an updated Malicious Software Removal Tool.

The flaw that is patched is in the Windows Graphics Rendering Engine, and is extremely critical! Failure to apply the patch may result in the takeover of your computer.

Go Getem'! Better yet, turn ON automatic Updates for a time when your 'puter is on and online.

Here is what Microsoft has to say about this vulnerability and the critical patch they provided on 11-08-05:

MS05-053 - Vulnerabilities in Graphics Rendering Engine Could Allow
Code Execution (896424)

- Affected Software:
- Windows 2000 Service Pack 4
- Windows XP Service Pack 1
- Windows XP Service Pack 2
- Windows XP 64-Bit Edition Version 2003 (Itanium)
- Windows XP Professional x64 Edition
- Windows Server 2003
- Windows Server 2003 for Itanium-based Systems
- Windows Server 2003 with SP1 for Itanium-based Systems
- Windows Server 2003 x64 Edition

Impact: Remote Code Execution

Vulnerabilities exist in Windows that could allow an attacker to take complete control of the affected system.

The complete Technet security bulletin can be found here: http://www.microsoft.com/technet/security/Bulletin/MS05-053.mspx

Wiz<font size="1" color="#8e236b"><p align="center">[This message was edited by Wiz Feinberg on 09 November 2005 at 08:08 AM.]</p></FONT><font size="1" color="#8e236b"><p align="center">[This message was edited by Wiz Feinberg on 09 November 2005 at 08:09 AM.]</p></FONT>

[Wiz Feinberg]

Anti-virus vendor Trend Micro Inc. has spotted a Trojan in the wild attacking Windows users via the image rendering flaws patched by Microsoft Corp. two days ago.

The Trojan, identified as TROJ_EMFSPLOIT.A, causes the "explorer.exe" file to crash, causing the taskbar on unpatched Windows machines to disappear.

The "explorer.exe" process is a required file used to manage the Windows Graphical Shell including the Start menu, taskbar, desktop and File Manager. A malicious attack that disrupts those essential services is considered very disruptive.

Trend Micro described the exploit as a "proof-of-concept Trojan" that exploits the Graphics Rendering Engine vulnerability patched by Microsoft earlier this week.

Source and more details at: http://www.eweek.com/article2/0,1759,1885050,00.asp?kc=EWRSS03129TX1K0000614

Wiz Feinberg
<small>Wizcrafts Computer Services</small>
<font size="1" color="#8e236b"><p align="center">[This message was edited by Wiz Feinberg on 11 November 2005 at 09:57 AM.]</p></FONT>

[Ricky Davis]

Yes Wiz; after I downloaded the new updates you suggested; I got that Trojan virus...as my Norton discovered it....>so maybe it wasn't a good idea eh??
I was able to run a full scan and it fixed and deleted that Trojan....>damn things...
Ricky

[Wiz Feinberg]

Ricky;
Are you saying that after applying the patch from MS and rebooting that you were infected by the virus mentioned above, the one that makes your taskbar dissappear?

Wiz

[Ricky Davis]

Yes after applying the patch; my antivirus flagged a trojan.downloader the next day. I don't know which one is was; as I immediately scanned and found and deleted it and it's gone off my system.
I haven't been affected by a virus; inthat I've seen any results from one: so I can't really say which it is.
Isn't microsoft saying they have found a bug in their new patch?? or am I reading it wrong??
No worries Wiz; everything is fine with my machine...I just found it odd that Norton found this on my machine after I installed the patch(s).
Ricky

[Wiz Feinberg]

Ricky;
The bug you asked about is with the previous patch MS05-051, released in October, not the new patch, and does not usually affect consumer machines. This patch fixes a gaping hole in the entire graphics rendering engine used in Windows itself, and affects all machines.

The trojan.downloader usually gets onto your computer through loose Internet Explorer ActiveX and file download settings. It can also arrive in an infected email or bit torrent/filesharing download.


------------------
Bob "Wiz" Feinberg
Moderator of the SGF Computers Forum
<small>Visit my Wiztunes Steel Guitar website at: http://www.wiztunes.com/
or my computer troubleshooting website: Wizcrafts Computer Services</small>

[Ricky Davis]

Ok Cool Wiz.
I'm good and clean now no worries.
I don't even think it was trojan.downloader...that was something else. It was some other trojan virus I forgot the name of.
But all clean here.
Ricky