Nation Hurricane Center
SATELLITE IMAGERY INDICATES THAT AN AREA OF LOW PRESSURE IN THE
EASTERN ATLANTIC HAS DEVELOPED INTO A TROPICAL STORM ABOUT 1000
MILES SOUTH-SOUTHWEST OF THE AZORES. A SPECIAL ADVISORY ON
TROPICAL STORM ZETA IS IN PREPARATION AND WILL BE ISSUED IN AN HOUR
OR SO.
Microsoft Security Advisory (912840) Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution Microsoft is investigating new public reports of a vulnerability in Windows. Microsoft is also aware of the public release of detailed exploit code that could be used to exploit this vulnerability. Based on our investigation, this exploit code could allow an attacker to execute arbitrary code on the user’s system by hosting a specially crafted Windows Metafile (WMF) image on a malicious Web site. Microsoft is aware that this vulnerability is being actively exploited.
Microsoft has determined that an attacker using this exploit would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker’s Web site. In an e-mail based attack, customers would have to be persuaded to click on a link within a malicious e-mail or open an attachment that exploited the vulnerability. In both the web and email based attacks, the code would execute in the security context of the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Temorary Workaround to prevent infection
If all goes well, you will receive a confirmation prompt, and your system is now safe. No need to reboot, but you might want to just to be sure that any possible currently loaded instance is flushed out.
To eventually re-enable the “SHIMGVW.DLL” component:
Additional reading and information:
http://www.f-secure.com/weblog/archives/archive-122005.html#00000754
http://secunia.com/advisories/18255/
http://vil.mcafeesecurity.com/vil/content/v_137760.htm
http://www.securityfocus.com/bid/16074/info
http://sunbeltblog.blogspot.com/2005/12/new-exploit-blows-by-fully-patched.html
http://redxii.blogspot.com/2005/12/vulnerabilities-in-graphics-rendering.html
http://www.microsoft.com/technet/security/advisory/912840.mspx
The second audioblog post this month. Nothing too special, just talked about being off from work for the last couple of days, fixing computers, and our 1st Christmas Potluck.
I have learned to have patience when working with Apple iBooks. They work on their own time-table when upgrading the OS. (Damn thing is still sitting here) Other than that, just listen to me talk about talking and you listening. It is a very full circle kind of update.
Duration: 10:40
Direct download: 20051220JohnTracy.mp3
Subscribe: http://johntracy.libsyn.com/rss
I had to go ahead and post this before I forgot about it.
While driving down Taylor Road today on the way to my final I saw a guy in “good-ole-boy” pickup truck with a sticker in the middle of the rear window that read “Rage Against the Machine.” Right next to this kick-ass sticker, was the deep-south, way out there right wing, “W” The president sticker. I found this to be incredibly ironic, and at the same time very confusing. I wanted to laugh and cry at the same time.
To be perfectly honest, I wanted beat the shit out of the guy for not realizing how different his view points and that of Rage Against the Machine’s really were. Hum.
Anyway, I am off to my final now. I studied for about 2 hours today after I got out of work early. I don’t think I can push anymore information that isn’t already there into my head. It shouldn’t be that bad, just a multiple-choice exam. I don’t think it counts as much as other tests. The real whammy is coming up Wednesday for my Business Statistics exam. I swear, I know of no business that actually use calculus and finite mathematics as much as this book is saying. Whatever, whatever, and Amen.
Christmas has started again for the humble residents of the Carriage House in Old Cloverdale. Today was all about the season, and all about the preparation for the holiday. Erika and I got our tree this evening, a nice tall Douglas Fir stretching about 8 feet. We pulled up to the house and immediately began working on it. Taking no time out to sit around, I asked our neighbor for a saw and shaved the very bottom off the tree so it can take the water easier. Erika quickly grabbed the stand and we got to work making the tree rise straight and tall.
Now the tree was standing up straight, and the bottom was shaved, but you can’t just leave a tree bare the first night you have it. Decorations, lights, everything must be done when you get it. The pride one receives from bringing it from a tree in a lot of trees, to a fully decorated Christmas tree is something of a mystery to me. Why do people put decorations on the trees, and more importantly, why do we put these decorated trees in our homes? I don’t know the answer to either of these questions, I do know how nice it makes the house feel after we finish getting all the decoration in place and I guess that is all that matters.
Apparently, this is what it looks like when you don’t empty your recycle bin for months on end. I just checked my recycle bin today and it had over 6.5GB of crap in there. Welcome back HDD.
Okay, This guy is creepy
So, I am doing two things right now. I am testing out this client based posing tool called w.bloggar. At the same time, I realized that I have gotten way to comfortable with looking ANYTHING up on the Internet. Here is why. I heard rain drops outside, and instead of getting up, walking 3 feet to the door, and looking outside, I instead typed the address of the local dopplar radar into my web browser. Indeed, it is raining I thought, and then also realized I could have done this without having technological proof it was raining. Eh!
So, back to what I was talking about with w.bloggar… It is certainly something I have been looking for, and I am trying to figure out if it is going to do everything I want it to do. Apparently, it will not only let me upload posts and such to my personal blog @ www.johntracy.com, but it will also allow me to post to any blog service or format I can think of. Livejournal, blogger, movabletype, typepad, the list goes on. I am about to hit the post button to see if this does in fact work, and then try some more advanced features assuming this does work.
After 25 years, John Lennon, is in fact, still quite dead.
