Homestar Runner Wiki Forum

Read this!!! This is important, too!!

There is a huge vulnerability in all versions of windows, from Windows 95 to Windows XP. This is not a new vulnerability. It's been in windows since 1991. It is just now that hackers are starting to take advantage of this flaw to attack your computer. Microsoft has acknowlaged this issue However, they have not come out with a patch and the only fix they can provide is extremely weak and won't cure it.

A man called Ilfak Guilfanov has created a patch that makes Windows computers completely invulnerable to exploitation. This patch has been verifyed and is highly recommended by [url="http://en.wikipedia.org/wiki/Leo_Laporte"]Leo Laporte[/url] and [url="http://en.wikipedia.org/wiki/Steve_Gibson" target="_blank"]Steve Gibson[/url]. Geeks who watched TechTv will know those two people as very trustworthy.

[url="http://www.hexblog.com/security/files/wmffix_hexblog13.exe"]Click here to download the patch.[/url]

You SHOULD REMOVE THIS PATCH to restore full functionality to Windows Metafile processing once WIndows has been officially updated and repaired.

To Remove: Simply open the Windows Control Panel "Add/Remove Programs", where you will find the "Windows WMF Metafile Vulnerability HotFix" listed. Remove it, then reboot.

For the good of your computer, download this patch now!!!!

_________________
[Coming to a Signature near you]

I highly doubt this.

Um, it's backed up by several web pages. And they're all good sources.


This is why I use a Mac. LOSERS!

_________________
So, so you think you can tell Heaven from Hell, blue skies from pain. Can you tell a green field from a cold steel rail? A smile from a veil? Do you think you can tell?

Yeah, I'm not downloading any patch. It's to risky.
Like my Papa always said:

"Never download patches from strangers."

Though you're all very wise not to trust dposse, the vulnerability he's talking about is very real and very dangerous and, believe it or not, the patch he links to, though unofficial, is legitimate. If you want more information, I recommend you check out this FAQ from SANS which explains the vulnerability and gives two different ways to fix it.

_________________

Yeah, it's real, it was in the Washington Post.

Anyway, I'm not downloading a patch either way. I don't care how much spyware and how many viruses attack me since I'm getting a new computer soon. Even then, I have the suggested requirements the Washington Post listed.

_________________

I just installed the patch. I've heard of something similar (and not as severe) like this a few months back but with JPEGs in IE, but that's probably been fixed for a long time by now.

_________________

Well, I trust IJ and Disk, so I might get it.. I'll think about it.

I just got that patch before I read this. I'm really paranoid about my computer.

_________________

Also, here's a blog post by the guy who put together the patch that dposse linked, which at least will make it seem less like a random-file-that-could-be-anything to you:

http://www.hexblog.com/2005/12/wmf_vuln.html

_________________

Are you guys 100% sure about this thing? Are you sur eit's safe to download? It just sounds so suspicious. Plus, Microsoft will be coming out with a patch soon, too.

thank you. I'm trying to inform as many people as i can about this flaw. Leo Laportes websites are being DoSed today because Leo ticked the hackers off when he announced this.

oh, and im very sorry about the broken links. I really hate BBCode...

_________________
[Coming to a Signature near you]

Guys: stay calm. If you use normal computer protection skills (using any browser but M$IE, not opening emails with attachments that you arent expecting, etc) you won't be "attacked".

This is another case where Firefox is for the win.

_________________

Hehe, suckers...

For all intents and purposes, Jello B. has decided to make it clear that he is using Linux. I said "Forget him," and made it unclear. This is a message from Jello B.'s personal "secretary".

_________________

Wait, so I first download the patch then remove it, thats all right?

Hey, this looks interesting.

I might get it.

(And please, PLEEEAASSE don't turn this into a freaking stupid Firefox versus IE war. I am just freaking sick of peopple always bashing IE, even though it has really good point. I don't give a crap about skins, as long as I can be on it.)

_________________

You can scan it for threats w/ norton antiviris. Or any other viris protection proram.

_________________
Alright! You win, The Noid! No more memes.

sure glad i'm a mac person

_________________
I saw a dog today...

FYI even if you use Firefox you're not comletely protected. See the SANS FAQ.

_________________

I also heard something on the news about a virus that is spread with MSN... does anyone know more about that?

_________________
In case you think this is interesting.

There's a whole bunch of them. Instant messaging is an open target basically because alot of the people who use them are just little third graders who'll click any link the comes their way.

_________________

It was something special, otherwise it woulnd't have been on the news.

_________________
In case you think this is interesting.

You only remove it once Microsoft releases their patch, though. Only saying that because just from the phrasing, it sounds like you think we're supposed to install in then immediately uninstall it. XD In such a case, no, you download it, then as I said, remove it once Microsoft's patch is released.

Still, though: if you don't go to any sites you don't trust and exersize normal caution, you should be fine.

_________________

Oh, well I feel dumb.

Hey! Who are you calling someone that will click any link that comes there way?

_________________
Alright! You win, The Noid! No more memes.

Are You replying to Me?

I think I'll wait till the official one comes out.

_________________

*Mandies computer blows up*

So...Does anyone know when the official patch is due to be out?

If not already.

_________________

For your information it is not tech tv anymore, It's G4tv

_________________
Wow, It's been like three or 4 years since I've last been here