Microsoft issues temporary 'fix-it' for Duqu zero-day
-
-
-
One of the side effects of applying this patch is that if you run System File Checker, it will stop at a certain point.
Cannot repair member file [l:22{11}]"t2embed.dll" of Microsoft-Windows-Font-Embedding
If you undo the patch, it works again.
-
One of the side effects of applying this patch is that if you run System File Checker, it will stop at a certain point.
Cannot repair member file [l:22{11}]"t2embed.dll" of Microsoft-Windows-Font-Embedding
If you undo the patch, it works again.
That's right on Windows 7...stuck at 16%.
I wonder if that patch is really needed after all, since it had been patched twice or three times already then will come soon a newer one.
-
One of the side effects of applying this patch is that if you run System File Checker, it will stop at a certain point.
Cannot repair member file [l:22{11}]"t2embed.dll" of Microsoft-Windows-Font-Embedding
If you undo the patch, it works again.
That makes sense since the Fix it is taking ownership of t2embed.dll and then denying access to the dll:
Takeown.exe /f "%windir%\system32\t2embed.dll"
Icacls.exe "%windir%\system32\t2embed.dll" /deny *S-1-1-0:(F)
I wonder if that patch is really needed after all, since it had been patched twice or three times already then will come soon a newer one.
As I replied to Hopalong X here, the choice is yours.
-
-
I wonder if that patch is really needed after all, since it had been patched twice or three times already then will come soon a newer one.
As I replied to Hopalong X
here, the choice is yours.
I've decided to disable that Fix-it tip, therefore enable access to the T2embed.dll...:)
I see no point yet...i'll just have to be carefull when receiving attachment in mails and wait for the next MS Patch.
-
There's supposed to be a permanent (non-breaking) fix in December, so I am with you on this one. I don't just open attachments from anyone without scanning them first anyway, and this virus/exploit/whatever is already detected by every major A/V engine. Is the exploit bad? Yes. Are we already safe from it with safe computing practices? Yes. Nothing to see here, move along...
-
The Security Advisory was finally updated yesterday:
The change: "V1.4 (November 11, 2011): Revised impact statement for the workaround, Deny access to T2EMBED.DLL, to address applications that rely on T2EMBED.DLL for functionality."
Impact of Workaround.
- Applications that rely on embedded font technology will fail to display properly.
- After applying this workaround, users of Windows XP and Windows Server 2003 may be reoffered the KB982132 and KB972270 security updates. These reoffered updates will fail to install. The reoffering is a detection logic issue and users who have successfully applied both the KB982132 and KB972270 security updates previously can ignore the reoffer.
- Applications with functionality that relies on T2EMBED.DLL, such as generating PDF files, may fail to work as expected. For example, Microsoft Office software will fail to generate PDF files.
-
-
I've disabled mine, since it seemed to make the PC act a "bit off".
-