I used a domain login script to unregistered the dll and sent out an email telling everyone to log off and back on, took 5 min. after the patch is applied I'll reregister it the same way. Mark -----Original Message----- From: Ball, Dan [mailto:DBall@xxxxxxxxxxx] Sent: Wednesday, January 04, 2006 9:25 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: WMF Vunrability http://www.ISAserver.org I searched for about an hour last night about how to "block" this, but only came up with a couple of solutions. One is a patch written by a third-party that you install on your computer, and the other is to unregister some DLLs to disable that feature entirely. Both of these seemed to be very time-consuming methods, and with 1200 computers to update in a little over 24 hours it didn't seem worth it. Symantec appears to be confident that their real-time protection with current definitions will vastly reduce that threat, so I think we'll just ride out the storm until the "official" patch is released. Since all workstations are behind the ISA server, Internet access to a compromised machine is difficult at best. -----Original Message----- From: Brian Boyes [mailto:BrianB@xxxxxxxxx] Sent: Wednesday, January 04, 2006 12:02 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: WMF Vunrability http://www.ISAserver.org > I have installed the "wmf" block to my ISA 2004 clients but I not sure > how to set this up for ISA 2000. > Could someone provide advice of the best way to do this. Did anyone ever post an answer? I'm curious about this "wmf block". Brian ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: dball@xxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: mmorgan@xxxxxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.1.371 / Virus Database: 267.14.12/220 - Release Date: 01/03/2006 -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.371 / Virus Database: 267.14.12/220 - Release Date: 01/03/2006