New Exploit bug out there.


Postby kaharthemad » Wed Dec 28, 2005 1:05 pm

http://sunbeltblog.blogspot.com/2005/12/new-exploit-blows-by-fully-patched.html

No shit... this thing is the antichrist. I got hit with it last night. Took me 3 hours to fix it. It goes right through Windows.
kaharthemad
NT Traveller
Posts: 3768
Joined: Sat Mar 27, 2004 8:47 am
Location: Somewhere South of Disorder

Postby Captain Insano » Wed Dec 28, 2005 1:54 pm

can you dup plat with it?
Tossica: No, you're gay because you suck on cocks.

Darcler:
Get rid of the pictures of the goofy looking white guy. That opens two right there.

Mazzletoffarado: That's me fucktard
Vivalicious wrote:Lots of females don't want you to put your penis in their mouths. Some prefer it in their ass.
Captain Insano
Nappy Headed Ho
Posts: 8368
Joined: Fri Apr 16, 2004 1:04 pm
Location: SoCal

Postby kaharthemad » Wed Dec 28, 2005 2:34 pm

no but it will fuxor your system in about 5 minutes

Postby Ouchyfish » Wed Dec 28, 2005 7:32 pm

Thanks for the heads-up!!!!
Lyion wrote:If Hillary wins Texas and Ohio, she'll win the nomination.


Tossica wrote:Seriously, there is NO WAY Sony is going to put HD-DVD out of the game.
Ouchyfish
NT Patron
Posts: 4744
Joined: Wed Mar 10, 2004 1:57 am

Postby Diekan » Wed Dec 28, 2005 8:37 pm

We should execute people who write shit like that. Seriously, put them on death row and gas 'em.
Diekan
NT Deity
Posts: 5736
Joined: Fri Mar 12, 2004 10:14 am

Postby Jesus » Wed Dec 28, 2005 9:06 pm

Diekan wrote:We should execute people who write shit like that. Seriously, put them on death row and gas 'em.


No, we should have standards for software setup so that shit like this can't happen to operating systems.
Jesus
NT Bixie
Posts: 0
Joined: Wed Dec 22, 2004 11:15 am
Location: Iraq

Postby Lyion » Wed Dec 28, 2005 9:18 pm

What saves a man is to take a step. Then another step.
C. S. Lewis
Lyion
Admin Abuse Squad
Posts: 14376
Joined: Wed Mar 10, 2004 1:42 pm
Location: Ohio

Postby Captain Insano » Wed Dec 28, 2005 11:20 pm

motherfucking crash override and zero cool were behind this... I know it!

Postby Myg0t » Thu Dec 29, 2005 1:55 am

rofl i loved that movie when i was a kid
Captain_Insano wrote: It's also Abraham Lincoln's fault for freeing the slaves. Had he been shot earlier black people wouldn't have email accounts and internet access.
Myg0t
NT Froglok
Posts: 217
Joined: Fri Sep 03, 2004 11:27 pm
Location: Paso Robles, CA

Postby kaharthemad » Thu Dec 29, 2005 10:45 am

Couple things to fix this bug. First off, install AVG (not sure other antivirus will work), Spybot and Ad-Aware. Update fully, then boot to safe mode. In safe mode run both. These two did manage to get rid of MOST of this migraine. Also run hijack. Make sure the netsh file is not pulling as well. Also make sure you disable the following driver... in the run box: "regsvr32 /u shimgvw.dll". Clean out your temp files on all your logins, clean out all temporary internet files and folders manually.

Delete secure.html from your root.

Reboot to normal mode and wash and repeat in all logon idents.

NOTE: You will have to go in and manually delete the virus from your Windows directories in safe mode!!!!!


This is the best workaround I have developed for it. If you have questions, or need help, I will have my AIM on all day. Don't leave this fucker sit... it has a spam program in it and will start sending emails. I'll be more than happy to help anyone out that needs it.

AIM: Kaharthemad

Postby Captain Insano » Thu Dec 29, 2005 1:26 pm

Myg0t wrote:rofl i loved that movie when i was a kid


me too... that movie made me want to hack into angelina's pantys.

Postby Tadpole » Thu Dec 29, 2005 5:19 pm

Fuck I got this.
Tadpole
NT Veteran
Posts: 1227
Joined: Sat Mar 27, 2004 3:56 pm
Location: Pennsylvania

Postby kaharthemad » Thu Dec 29, 2005 6:01 pm

Tadpole wrote:Fuck I got this.

If you need help, AIM me, I'll do what I can. Or send me a PM and I'll shoot you my phone number. Took me a while to figure out how to fix this.

Postby Captain Insano » Thu Dec 29, 2005 6:56 pm

I got that before too... I downloaded a crack for Oracle Financials for a friend. It totally fucked up my computer. 10 minutes later I was back to new after restoring with Norton Ghost.

Postby Goose_Man » Fri Dec 30, 2005 12:14 am

I was surfing porn the other day and I clicked on a picture of a chick with giant tits getting railed and some script popped up on my intarweb explorer and suddenly I have 12332432343 x 10 pieces of spy ware and Nortans AV is having an aneurism.

I ran spy bot and it told me to suck a fat dick and shut down.

I ended up just moving all my business docs to CD and formatting my comp...

What ever got me was a hooker slut.
Goose_Man
NT Patron
Posts: 1729
Joined: Fri Mar 12, 2004 4:46 pm
Location: San Antonio

Postby Gaazy » Fri Dec 30, 2005 12:32 am

How does one get this thing? I mean, how do you become vulnerable to it?
Gaazy
NT Deity
Posts: 5837
Joined: Fri Mar 12, 2004 8:32 am
Location: West by god Virginia

Postby Captain Insano » Fri Dec 30, 2005 12:43 am

the thing in this thread BLOWS right by even the best spyware progs and antivirus.

IMO virus is the least dangerous crap out there these days... Spyware does way more damage.

Postby Ouchyfish » Fri Dec 30, 2005 12:48 am

There is an easy as hell prevention method in the interim, though. Just read the linked page above.

Postby kaharthemad » Fri Dec 30, 2005 11:04 am

Gaazy wrote:How does one get this thing? I mean, how do you become vulnerable to it?

Thing is, a fully patched box can infect. Just go to a site that has it. That's all, boys.

The reg I told you about, regsvr32 /u shimgvw.dll: if you run that it will block your computer from running WMF files, which is basically what starts this.
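
As an added example (not part of the original posts, and not code from Microsoft or any vendor): the WMF flaw discussed in this thread, later fixed by MS06-001, was reached through the SETABORTPROC escape record inside a metafile, so a defender can triage suspect files by walking the WMF records and flagging that record. The constants follow the published WMF format; the function name `find_setabortproc` and the sample byte strings are constructed for illustration and carry no payload.

```python
import struct

PLACEABLE_MAGIC = 0x9AC6CDD7  # optional 22-byte placeable header in front
META_ESCAPE_LOW = 0x26        # low byte of META_ESCAPE (0x0626)
SETABORTPROC = 0x0009         # escape function abused by the flaw
META_EOF = 0x0000


def find_setabortproc(data: bytes) -> list[int]:
    """Return byte offsets of Escape records that call SETABORTPROC.

    Raises ValueError when the data does not start with a WMF header.
    """
    pos = 0
    if len(data) >= 4 and struct.unpack_from("<I", data, 0)[0] == PLACEABLE_MAGIC:
        pos = 22
    if len(data) < pos + 18:
        raise ValueError("too short for a WMF header")
    file_type, header_words = struct.unpack_from("<HH", data, pos)
    if file_type not in (1, 2) or header_words != 9:
        raise ValueError("not a WMF header")
    pos += header_words * 2
    hits = []
    while pos + 6 <= len(data):
        # Each record: size in 16-bit words (4 bytes), function (2 bytes), params.
        size_words, func = struct.unpack_from("<IH", data, pos)
        if size_words < 3:
            raise ValueError(f"bad record size at offset {pos}")
        if func == META_EOF:
            break
        # The low byte of the function identifies the record type.
        if (func & 0xFF) == META_ESCAPE_LOW and pos + 8 <= len(data):
            if struct.unpack_from("<H", data, pos + 6)[0] == SETABORTPROC:
                hits.append(pos)
        pos += size_words * 2
    return hits


def _rec(func, *params):  # constructed test records, no payload
    return struct.pack("<IH", 3 + len(params), func) + struct.pack(f"<{len(params)}H", *params)


_HEADER = struct.pack("<HHHIHIH", 1, 9, 0x0300, 0, 0, 5, 0)  # constructed header
BENIGN = _HEADER + _rec(0x0102, 1) + _rec(META_EOF)
SUSPECT = _HEADER + _rec(0x0102, 1) + _rec(0x0626, SETABORTPROC, 0) + _rec(META_EOF)

if __name__ == "__main__":
    print(find_setabortproc(BENIGN), find_setabortproc(SUSPECT))
```
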

Postby kaharthemad » Fri Dec 30, 2005 11:06 am

OuchyFish wrote:There is an easy as hell prevention method in the interim, though. Just read the linked page above.

Linked page is informative. I have been spending a lot of time working on an actual bug fix for it. If I can get it done I'll post a link to it.

Postby Tacks » Thu Jan 05, 2006 11:10 am

Any easy way to get rid of this yet? I think my brother got this on his computer.
Tacks
NT Legend
Posts: 16393
Joined: Mon Mar 08, 2004 1:18 pm
Location: PA

Postby Martrae » Thu Jan 05, 2006 11:17 am

This damn thing changes how it infests your computer dependent on how up-to-date you've kept Windows patched.

So, no, there isn't an easy way to get rid of it. What works on one machine might not on another. What a PITA.
Inside each person lives two wolves. One is loyal, kind, respectful, humble and open to the mystery of life. The other is greedy, jealous, hateful, afraid and blind to the wonders of life. They are in battle for your spirit. The one who wins is the one you feed.
Martrae
Admin Abuse Squad
Posts: 11962
Joined: Mon Mar 15, 2004 9:46 am
Location: Georgia

Postby kaharthemad » Thu Jan 05, 2006 6:22 pm

http://www.microsoft.com/presspass/press/2006/jan06/01-05UpdatePR.mspx

Microsoft Releases Security Update to Fix Vulnerability in Windows
Vulnerability in graphics rendering engine could allow remote code execution.

REDMOND, Wash. – Jan. 5, 2006 – On Tuesday, Jan. 3, 2006, Microsoft Corp. announced that it would release a security update to help protect customers from exploitations of a vulnerability in the Windows® Meta File (WMF) area of code in the Windows operating system, in response to malicious and criminal attacks on computer users that were discovered last week.

Microsoft will release the update today, Thursday, Jan. 5, 2006, earlier than planned.

Microsoft originally planned to release the update on Tuesday, Jan. 10, 2006, as part of its regular monthly release of security bulletins, after testing for quality and application compatibility was complete. However, testing has been completed earlier than anticipated and the update is ready for release. In addition, Microsoft is releasing the update early in response to strong customer sentiment that the release should be made available as soon as possible.

Microsoft’s monitoring of attack data continues to indicate that the attacks are limited and are being mitigated both by Microsoft’s efforts to shut down malicious Web sites and by up-to-date signatures from anti-virus companies.

The security update will be available at 2 p.m. PST as MS06-001.

Consumer customers who use Automatic Updates will receive the update automatically and do not need to take any additional actions. Consumers can also manually download and deploy the update by visiting Microsoft Update or Windows Update. Consumers can also get more information at Microsoft's Security At Home Web site. Enterprise customers who are using Windows Server Update Services will receive the update automatically. In addition, the update is supported by Microsoft Baseline Security Analyzer 2.0, Systems Management Server and Software Update Services. Enterprise customers can also manually download the update from the Download Center.

Microsoft will hold a special webcast on Friday, Jan. 6, 2006, to provide technical details about MS06-001 and answer questions. Customers can sign up for the webcast on microsoft.com.

Microsoft will also be releasing additional security updates on Tuesday, Jan. 10, 2006, as part of its regularly scheduled release of security updates.

In addition to deploying MS06-001, users should take care not to visit unfamiliar or untrusted Web sites that could potentially host the malicious code. Consumer customers should follow the guidance on safe browsing. Enterprise customers should review Microsoft’s Security Advisory #912840 for up-to-date guidance on how to prevent attacks through exploitation of the WMF vulnerability.

The intentional use of exploit code, in any form, to cause damage to computer users is a criminal offense. Accordingly, Microsoft continues to assist law enforcement with its investigation of the attacks in this case. Customers who believe they have been attacked should contact their local FBI office or post their complaint on the Internet Fraud Complaint Center Web site. Customers outside the U.S. should contact the national law enforcement agency in their country.

Customers who believe they may have been maliciously attacked by exploitation of the WMF issue can contact Microsoft’s Product Support Services for free assistance by calling the PC Safety line (1-866-PCSAFETY); international customers can use any method detailed at http://support.microsoft.com/security.

Microsoft continues to encourage customers to follow its Protect Your PC guidance by enabling a firewall, getting software updates and installing anti-virus software.

Founded in 1975, Microsoft (Nasdaq “MSFT”) is the worldwide leader in software, services and solutions that help people and businesses realize their full potential.

Microsoft is a registered trademark of Microsoft Corp. in the United States and/or other countries.

The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

Note to editors: If you are interested in viewing additional information on Microsoft, please visit the Microsoft® Web page at http://www.microsoft.com/presspass on Microsoft’s corporate information pages. Web links, telephone numbers and titles were correct at time of publication, but may since have changed. For additional assistance, journalists and analysts may contact Microsoft’s Rapid Response Team or other appropriate contacts listed at http://www.microsoft.com/presspass/contactpr.mspx.




can I get a aaaaaaaaaaaaaaaaaaaaaaaaaamen my brothas and sistas!!!

Yeah, patch the fucking thing... you don't want this shit. Trust me.

Postby kaharthemad » Thu Jan 05, 2006 6:24 pm

Still think it is funny as hell they call the scope limited. Shit, I got 12 on my fucking bench out of 20. Not too friggin limited to me. Their definitions and mine on the word limited must be opposite.

