This one does not stop many vectors Ken Leitman AVP Gets - Intel Engineering Alliance Capital Mgmt. 135 West 50th Street New York, NY 10020 _____ From: windows2000-bounce@xxxxxxxxxxxxx [mailto:windows2000-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Kenzig http://ThinHelp.com Sent: Friday, December 30, 2005 12:23 PM To: thin@xxxxxxxxxxxxx; windows2000@xxxxxxxxxxxxx Subject: [windows2000] Another Workaround Alert: Zero day exploit...I suggest you do this workaround if you have a Windows 2003 server! http://www.eweek.com/article2/0,1895,1906211,00.asp Looks like original workaround disables explorer thumbnails...this is a Regedit one. JK From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Kenzig http://ThinHelp.com Sent: Friday, December 30, 2005 8:53 AM To: windows2000@xxxxxxxxxxxxx; thin@xxxxxxxxxxxxx Subject: [THIN] Re: Alert: Zero day exploit...I suggest you do this workaround if you have a Windows 2003 server! More on this from Larry Seltzer... http://www.eweek.com/article2/0,1895,1906513,00.asp ----- Original Message ---- From: Jim Kenzig http://ThinHelp.com < To: windows2000@xxxxxxxxxxxxx; thin@xxxxxxxxxxxxx Sent: Friday, December 30, 2005 8:20:39 AM Subject: Re: Alert: Zero day exploit...I suggest you do this workaround if you have a Windows 2003 server! Microsoft's security advisory out on this attack: http://www.microsoft.com/technet/security/advisory/912840.mspx JK ----- Original Message ---- From: Jim Kenzig http://ThinHelp.com To: thin@xxxxxxxxxxxxx; windows2000@xxxxxxxxxxxxx Sent: Thursday, December 29, 2005 5:43:06 PM Subject: [windows2000] Alert: Zero day exploit...I suggest you do this workaround if you have a Windows 2003 server! See http://www.eweek.com/article2/0,1895,1906210,00.asp The workaround is: A workaround called REGSVR32 has been posted and was included in Microsoft's advisory. The workaround is as follows, as quoted from the advisory: Un-register the Windows Picture and Fax Viewer (Shimgvw.dll) 1. Click Start, click Run, type "regsvr32 -u %windir%\system32\shimgvw.dll" (without the quotation marks), and then click OK. 2. A dialog box appears to confirm that the un-registration process has succeeded. * Click OK to close the dialog box. Impact of Workaround: The Windows Picture and Fax Viewer will no longer be started when users click on a link to an image type that is associated with the Windows Picture and Fax Viewer. Jim Kenzig http://thinhelp.com <http://thinhelp.com/> ----------------------------------------- The information contained in this transmission may be privileged and confidential and is intended only for the use of the person(s) named above. If you are not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, any review, dissemination, distribution or duplication of this communication is strictly prohibited. If you are not the intended recipient, please contact the sender immediately by reply e-mail and destroy all copies of the original message. Please note that we do not accept account orders and/or instructions by e-mail, and therefore will not be responsible for carrying out such orders and/or instructions. If you, as the intended recipient of this message, the purpose of which is to inform and update our clients, prospects and consultants of developments relating to our services and products, would not like to receive further e-mail correspondence from the sender, please "reply" to the sender indicating your wishes. In the U.S.: 1345 Avenue of the Americas, New York, NY 10105.