WMF exploit in popup

January 2, 2006 4:51 PM from

When I went to a download page for a windowBlinds theme, I got the nice new popunder, followed by a warning from my antivirus software (McAfee) about a file in my temp internet files folder having the wmf exploit in it.

To link to virus info: http://vil.mcafeesecurity.com/vil/content/v_137760.htm

While I know it could be a false-positive, you should probably look into what kind of ads are being put on this site. It's one of the fastest ways to make people not want to come back.

2,088 views 10 replies

Reply #1 January 2, 2006 5:12 PM from

WinCustomize Forums Top

#38 by Janitor T-Man
Mon, January 02, 2006 3:16 PM

WinCustomize does not support popups/spyware/etc etc. We do have various ads being being displayed through out our site. These ads come from a couple different sources as we uses third party companies to serve ads to our site. On accasion it is possible that an undesirable ad may come through. If we are aware of those ads we contact our ad service agents and have them remove them.

So if you do see an ad that causes a popup, or tries to install something like gator or a virus or anything please take a screenshot of that page and send it to me ([email protected]) and let me know what the URL to that page was and which ad (as there may be more than one ad per page) that you believe is causing the problem. If you can copy the shortcuts for the links to the ads and send those links that will also be extremely helpfull in determining which ad may be causing the problem.

And after you have sent this data and since we do not have any malicious code in our site and do not support these type of ads please check your system with anti virus and anti spyware software as it is possible that the popups may be caused from a program on your system.

Reply #2 January 2, 2006 6:23 PM from

WinCustomize Forums Top

"On accasion it is possible that an undesirable ad may come through."

If you're going to put ads on the site, wouldn't it be a good idea to do it through a company that wouldn't let this happen? The more ads you have, the less likely someone is going to subscribe (even if subscription removes the ads). I know you guys need money, but there's got to be better ways that don't alienate any newcomers. I come here because I've been coming since before the popup invasion. If I came for the first time today, for example, I would have left and not returned.

Object Desktop - Get all of our enhancement utilities in one suite

Reply #3 January 2, 2006 7:05 PM from

WinCustomize Forums Top

I've never, not ever seen a pop-up (nor under) at WC. Of course I'm a subscriber who's always logged on and I have a pretty aggressive set-up for blocking pop-ups anyway. IMHO with browsing being what it is today, I can't see not using a pop-up blocker.

Reply #4 January 2, 2006 9:37 PM from

WinCustomize Forums Top

To reinforce Pat's quoted comments above, we consider popups or pop-under ads to be unacceptable. If something does show up, please take a screenshot, try to see what link/ad/server it came from (Properties on the webpage, hit Ctrl-N to bring it up as a new page so you can see the link if need be), and/or in this case, zip up the .html file and try to send it to us.

I tried to reproduce this tonight logged off WC so I would get more ads, but no joy so far.

Reply #5 January 2, 2006 9:48 PM from

WinCustomize Forums Top

well..., for those who have this problems, have you ever try to use zone alarm? i use it, but first you have to configure it before entering into the site, or you are goin to have other kind of problems..., licke:

-"i can´t see the preview image"..., etc.

now i´m using Panda Titanium with TruePrevent, that includes its own firewall(use one or the other, never use Zone Alarm and Panda at the same time!)..., and at this point i have never get an exploit' alert...

---------------

-=TYCUS=-

Reply #6 January 2, 2006 10:21 PM from

WinCustomize Forums Top

I dont get popups either, though im a subscriber, nothing after i logout even.

Speaking of WMF, this is a good time to un-register shimgvw.dll and get the temp fix
Unofficial patch site http://www.hexblog.com/2005/12/wmf_vuln.html

Reply #7 January 2, 2006 10:44 PM from

WinCustomize Forums Top

thanks for the link Mr. cestode

!

-------------------

-=TYCUS=-

Reply #8 January 3, 2006 8:32 PM from

WinCustomize Forums Top

You have to get this done,this is a nasty flaw in windows.GRC also is hosting the patch

Link

Reply #9 January 3, 2006 8:42 PM from

WinCustomize Forums Top

If you're going to put ads on the site, wouldn't it be a good idea to do it through a company that wouldn't let this happen?

Become a subscriber and ads are gone.

Reply #10 January 3, 2006 9:11 PM from

WinCustomize Forums Top

So many exploits...so many think to trigger them. I don't think WC has any! But some adds might trigger exploits. I've noticed that an ad-ware, word searcher to be exact tends to turn itself on when i log-off. It doesn't come with WC, but something in the adds might trigger it. Anyway Norton cleared things up and all runs smoothly now.

Welcome Guest! Please take the time to register with us.

Richer content, access to many features that are disabled for guests like commenting and posting on the forums.
Access to a great community, with a massive database of many, many areas of interest.
Access to contests & subscription offers like exclusive emails.
It's simple, and FREE!