Security Now! Notes for Episode #20: "regsvr32 -u shimgvw.dll" This is from Steve Gibson from www.GRC.com
This fix is temporary, until Microsoft comes out with a patch Steve has an undo for it if it breaks anything.
To immediately disable the vulnerable Windows component:
Logon as a user with full administrative rights.
Click the Windows "Start" button and select "Run..."
Enter the following string into the "Open" field:
regsvr32 -u shimgvw.dll
(You can copy/paste from this page using Ctrl-C/Ctrl-V)
Click "OK" to unregister the vulnerable DLL.
If all goes well, you will receive a confirmation prompt, and your system is now safe. No need to reboot, but you might want to just to be sure that any possible currently loaded instance is flushed out.
wow, I posted that as a comment on Jack's original post about this exploit. Reading the blog, is a highly recommended thing :P~
ReplyDelete