name='Easy_Geeza' said:
I use router firewall, and AVG. Never had a problem (touch wood). As long as your a bit savvy about what you click on, should be fine.
Easy_Geeza
I agree with your net savvy comment, its all to easy for hackers to exploit the unprotected. The AV product you use dose not seem to be in full control with the
WMF exploit of late.
Anti-Virus Protection for WMF Flaw Still Inconsistent
December 31, 2005
Source: eNews
By Larry Seltzer
Days after the revelation of a flaw in Windows' handling of WMF graphics files, dozens of exploits are being spread from thousands of adware sites. But good protection is available. At the same time, further testing confirms that a workaround issued by third parties and endorsed by Microsoft Corp. is effective in most regards, and in the most important circumstances, but not in all. Also, the workaround has side effects that could prove troublesome.
AV-Test, which tests anti-malware products, has been tracking the situation closely and has, so far, analyzed 73 variants of malicious WMF files. Products from the following companies have identified all 73:
Alwil Software (Avast)
Softwin (BitDefender)
ClamAV
F-Secure Inc.
Fortinet Inc.
McAfee Inc.
ESET (Nod32)
Panda Software
Sophos Plc
Symantec Corp.
Trend Micro Inc.
VirusBuster
These products detected fewer variants:
62 - eTrust-VET
62 - QuickHeal
61 - AntiVir
61 - Dr Web
61 - Kaspersky
60 - AVG
19 - Command
19 - F-Prot
11 - Ewido
7 - eSafe
7 - eTrust-INO
6 - Ikarus
6 - VBA32
0 - Norman
The difference for the more effective products is likely to be heuristic detection, tracking the threat by identifying the basic techniques of the exploit, rather than looking for specific patterns for specific exploits. The latter technique leaves users vulnerable to threats that the vendor has not yet identified and protected against. Mikko Hypponen of F-Secure, when asked about the matter, said, "Heuristic detection rocks."
After some concern was expressed about the efficacy of the workaround proposed by third parties and endorsed by Microsoft, it appears that it is basically effective at preventing exploitation in the most common circumstances, but not in all. For advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internet's Security IT Hub.
The registry fix discussed in a previous article does not work effectively, however, and users who have been relying on it will need to switch to other measures. hy does Security Editor Larry Seltzer say WMF stands for "Windows Major Foul-Up." .
The effective fix de-registers a DLL from the system relied on by the Windows Picture and Fax Viewer program. To effect the change, click Start, then Run, then enter the following command:
regsvr32 /u %windir%\system32\shimgvw.dll
To re-enable the same DLL, click Start, then Run, then enter the following command:
regsvr32 %windir%\system32\shimgvw.dll
This fix prevents exploitation when a WMF file is loaded from Windows Explorer or Internet Explorer.
If a WMF file is attached to an e-mail message, the default action for Outlook and Outlook Express (the default action is performed when the user double-clicks on the icon) is to launch it with the Windows Picture and Fax Viewer. Since that program is disabled by this fix, nothing will happen when the user double-clicks on the attachment or on the icon for such a file in a Windows Explorer window or the desktop. A user might then choose to open the file with another program, such as Windows Paint, and in this case a malicious WMF file would still be able to execute its exploit.
Paint and some other programs are not affected by the fix to Windows Picture and Fax Viewer. Many other graphics programs, some of which are bundled with scanners and digital cameras, set themselves to be the default action for graphics such as WMF. These would not be affected by the workaround, but they may still be vulnerable.
Finally, there have been conflicting reports as to the effectiveness of DEP (data execution protection), both hardware and software, for the WMF issue. This exploit, not being a typical overflow in which programs are executed out of a data area, would not normally lend itself to protection by DEP.
Microsoft has made no statements about hardware DEP in its advisory (
http://www.microsoft.com/technet/security/advisory/912840.mspx), but it did state that "Windows XP Service Pack 2 also includes software-enforced DEP that is designed to reduce exploits of exception-handling mechanisms in Windows. By default software-enforced DEP applies to core operating system components and services. This vulnerability can be mitigated by enabling DEP for all programs on your computer."
END
I find that an interesting read
regards
succuba
I'd rather do that than have 5 memory hogging scanners slowing my PC up 
