piranha: red origami crane (Default)
you probably don't need this advisory, because you better know what you're doing.

microsoft has released a patch for the latest security problem. if it's not coming down the pike for you automatically, read the release bulletin, which will also point you at the update centre where you can download it. note that contrary to lots of suspicion in the blogosphere this doesn't appear to require upgrading either from windows 98/ME nor from XP SP1.

if you followed the directions in the post i pointed at, you should now uninstall the unofficial patch (from control panel -> add/remove software). you can do so either before or after installing M$'s patch.

the state of the piranha: cranky, tired, but not unhappy per se, just mired in tedium. i've been incessantly fighting with my system, trying to get my video card driver upgraded to handle a newer version of openGL for a new piece of software to run adequately, which is a horrid chore -- install a driver, reboot, find out whether it works, uninstall, reboot, rinse, lather, repeat. dear toshiba: you suck. just because nvidia's reference drivers rule doesn't mean you should have just fallen down on the job of keeping a finger on the pulse. so now they no longer support the card; how about you do?

this explains my absence in IM. i am not keeping up with LJ or email either; sorry everyone. but all this rebooting is getting me to pare my startups down. ghod, how overloaded windows gets with crap that people decide should all run at startup time. ASK ME whether i want it or not! period cleaning; not just for spring anymore.
piranha: red origami crane (Default)
the last year ended with a major vulnerability in M$ windows, and the new year starts with snowballing pieces of malware out there exploiting it. if you haven't heard about the "WMF exploit" yet, get yourself to this link and follow the instructions to apply the unofficial patch and deregister shimgvw.dll -- this is really serious, and you won't even be safe if you don't run IE or outlook, which are the usual vectors for such crap. this can hit you through other browsers as well. website for the unofficial patch, which might be more up-to-date than the first link by the time you're reading this. remember that you did this, when M$ comes out with their official patch, you'll want to undo both these changes.

generally it's a good idea to have Windows Data Execution Prevention turned on, which keeps data from executing in areas already marked as storage (which is how buffer overflow exploits usually work). in XP SP2 you do that via start -> control panel -> system, tab advanced, performance region settings button, tab data execution prevention, radio button Select Turn on DEP for all programs and services except for those I select. you don't have to add anything there unless you're debugging code. reboot after applying changes (one reboot for all 3 actions, the two above and this one will do :).


piranha: red origami crane (Default)
renaissance poisson

July 2015

   123 4

Most Popular Tags

Expand Cut Tags

No cut tags


RSS Atom