Out Citrix servers are Win2K so I think we are ok. However we have a lot of fat XP clients I'm working on. Matthew Shrewsbury, MCSE+Internet MCSE 2000 CCA Server+ Senior Network Administrator -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Kenzig http://ThinHelp.com Sent: Friday, December 30, 2005 9:32 AM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: Alert: Zero day exploit...I suggest you do this workaround if you have a Windows 2003 server! That's what I'm here for. : ) Hope the list is quiet because everyone is busily patching their servers with the workaround and not Out of the office. Jim ----- Original Message ---- From: Matthew Shrewsbury < To: thin@xxxxxxxxxxxxx Sent: Friday, December 30, 2005 9:27:10 AM Subject: [THIN] Re: Alert: Zero day exploit...I suggest you do this workaround if you have a Windows 2003 server! Thanks for the info! Matthew Shrewsbury, MCSE+Internet MCSE 2000 CCA Server+ Senior Network Administrator -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Kenzig http://ThinHelp.com Sent: Friday, December 30, 2005 8:53 AM To: windows2000@xxxxxxxxxxxxx; thin@xxxxxxxxxxxxx Subject: [THIN] Re: Alert: Zero day exploit...I suggest you do this workaround if you have a Windows 2003 server! More on this from Larry Seltzer... http://www.eweek.com/article2/0,1895,1906513,00.asp ----- Original Message ---- From: Jim Kenzig http://ThinHelp.com < To: windows2000@xxxxxxxxxxxxx; thin@xxxxxxxxxxxxx Sent: Friday, December 30, 2005 8:20:39 AM Subject: Re: Alert: Zero day exploit...I suggest you do this workaround if you have a Windows 2003 server! Microsoft's security advisory out on this attack: http://www.microsoft.com/technet/security/advisory/912840.mspx JK ----- Original Message ---- From: Jim Kenzig http://ThinHelp.com To: thin@xxxxxxxxxxxxx; windows2000@xxxxxxxxxxxxx Sent: Thursday, December 29, 2005 5:43:06 PM Subject: [windows2000] Alert: Zero day exploit...I suggest you do this workaround if you have a Windows 2003 server! See http://www.eweek.com/article2/0,1895,1906210,00.asp The workaround is: A workaround called REGSVR32 has been posted and was included in Microsoft's advisory. The workaround is as follows, as quoted from the advisory: Un-register the Windows Picture and Fax Viewer (Shimgvw.dll) 1. Click Start, click Run, type "regsvr32 -u %windir%\system32\shimgvw.dll" (without the quotation marks), and then click OK. 2. A dialog box appears to confirm that the un-registration process has succeeded. * Click OK to close the dialog box. Impact of Workaround: The Windows Picture and Fax Viewer will no longer be started when users click on a link to an image type that is associated with the Windows Picture and Fax Viewer. Jim Kenzig http://thinhelp.com <http://thinhelp.com/>