RE: WMF Vunrability

  • From: "Mark Morgan" <MMorgan@xxxxxxxxxxxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 4 Jan 2006 16:15:14 -0800

 
I used a domain login script to unregistered the dll and sent out an email 
telling everyone to log off and back on, took 5 min. after the patch is applied 
I'll reregister it the same way.  


Mark 

-----Original Message-----
From: Ball, Dan [mailto:DBall@xxxxxxxxxxx] 
Sent: Wednesday, January 04, 2006 9:25 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: WMF Vunrability

http://www.ISAserver.org

I searched for about an hour last night about how to "block" this, but only 
came up with a couple of solutions.  One is a patch written by a third-party 
that you install on your computer, and the other is to unregister some DLLs to 
disable that feature entirely.  Both of these seemed to be very time-consuming 
methods, and with 1200 computers to update in a little over 24 hours it didn't 
seem worth it.  

Symantec appears to be confident that their real-time protection with current 
definitions will vastly reduce that threat, so I think we'll just ride out the 
storm until the "official" patch is released.  Since all workstations are 
behind the ISA server, Internet access to a compromised machine is difficult at 
best.

-----Original Message-----
From: Brian Boyes [mailto:BrianB@xxxxxxxxx]
Sent: Wednesday, January 04, 2006 12:02 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: WMF Vunrability

http://www.ISAserver.org

> I have installed the "wmf" block to my ISA 2004 clients but I not sure 
> how to set this up for ISA 2000.
> Could someone provide advice of the best way to do this.

Did anyone ever post an answer? I'm curious about this "wmf block".

Brian


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
dball@xxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
mmorgan@xxxxxxxxxxxxxxxxxxxxx To unsubscribe visit 
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.371 / Virus Database: 267.14.12/220 - Release Date: 01/03/2006
 

-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.371 / Virus Database: 267.14.12/220 - Release Date: 01/03/2006

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 01-2006