omgwtf!

As you may or may not have heard by now, there is a lovely new 0-day Windows exploit that has cropped up in the past few days.

To nobody’s surprise, Microsoft has yet to come up with an answer to plug up this vulnerability. It’s always amazing to me how a company as vast and wealthy as Microsoft can always manage to take so incredibly long to address issues that need to be handled instantly, if not sooner…but all these other guys on the web that they try to discredit all the time are right there a day or two later with not only all the info you need, but fixes, too.

In their security advisory, meantime, Microsoft has released a pretty lame temporary workaround…unregistering a specific dll…which really doesnt do much to protect you at all. I’m sure the Windows team is working feverishly between lunch breaks to address this issue. In the meantime, as I am wont to do in all such instances, I turn to other, more reliable sources to cure what ails me, as a long-suffering victim of Microsoft.

Steve Gibson is quite possibly the most trusted geek on the Internets, or he is to those in the know. He’s a fucking genius, for one thing, and for another, what he doesnt know about online security could fit on the head of a pin. If Steve sez it, I’m prone to believe him. Therefore, it was with no small delight that I discovered his Security Now! Notes for Episode #20, which addresses and offers a much safer, more reliable patch for this most recent Windows vulnerability. I need to listen to his weekly Security Now! podcasts…I always forget he has them.

Anyway, Steve recommends you head on over to Ilfak Guilfanov’s HexBlog and download his system checker and the temporary patch he wrote, which he explains here. I would also recommend you read the comments on both the patch page as well as the page the vulnerability checker is listed on. The comments other people have made on both pages could be useful to you if you run into any problems. Also, if you use Lotus Notes, this article could prove useful to you.

Keep in mind that this patch can only be used to secure Windows 2000, XP 32-bit, XP 64-bit, and Windows Server 2003. You should remove it after…when and if, that is…Microsoft releases the official patch, but only after you’ve waited a couple of days and done some reading to make sure that their patch actually works instead of breaking your system, which is all too often what actually happens. Never trust Microsoft to get anything right the first time round, or you’ll be sorry. This patch can be removed just by going to add/remove programs in the control panel. Simple as that.

All Windows systems are vulnerable to this exploit, even systems that are fully patched and up to date. If you’re on a Windows system, I would recommend you apply this patch as soon as possible and keep your eye peeled for any new exploits this vulnerability spawns before an official fix is put out.

And people wonder why I hate paying Microsoft for anything.