Question

Locked

opening an attachement

By nkululeko ·
when I try to open a jpeg from outlook i get an error loading c:\windows\system32\shimgvw.dll

Invalid access memory, what can be the solution to this

This conversation is currently closed to new comments.

2 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

You are probably infected..........

by ThumbsUp2 In reply to opening an attachement

Have you run a virus scan while in Safe Mode recently?

shimgvw.dll

The shimgvw.dll library is required by windows and is used when displaying images and/or faxes. If shimgvw.dll is unavailable, windows may not be able to display faxes or images.

On December 28, 2005 Microsoft released the Microsoft Security Advisory (**2840), WMF exploit, which covers a vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution.

There have been public reports of vulnerability in the Windows shimgvw.dll file and the exploit is now floating around the net. The WMF Exploit could allow an attacker to execute arbitrary code on the user's system by hosting a specially crafted Windows Metafile (WMF) image on a malicious Web site.

The "SHIMGVW.DLL" is used for rendering Windows Metafiles (WMF) can reportedly be called whenever Windows attempts to display non-metafile images. This means that a malicious email could also exploit this vulnerability!

SHIMGVW.DLL PATCH

What should you do for now? Below are a few suggestions

To disable the WMF vulnerability, security advisory **2840:

* Logon as an administrative user (user with administrative privileges).
* Click the Windows "Start" button and select "Run"
* Enter the following text into the "Open" field:
regsvr32 -u %windir%\system32\shimgvw.dll
- You can copy and paste the command above into the "Open" field.
* Click "OK" to unregister the vulnerable DLL.

Although not necessary, it would not hurt to reboot your computer and clear memory.

Enable SHIMGVW.DLL

If you need to enable shimgvw.dll, simply do the following:

* Logon as an administrative user (user with administrative privileges).
* Click the Windows "Start" button and select "Run"
* Enter the following text into the "Open" field:
regsvr32 %windir%\system32\shimgvw.dll
- You can copy and paste the command above into the "Open" field.
* Click "OK" to unregister the vulnerable DLL.

Microsoft's WMF Vulnerability announcement stated that in an e-mail based attack, customers would have to be persuaded to click on a link within a malicious e-mail or open an attachment that exploited the vulnerability. Many reports claim that this not entirely accurate and the user only needs to receive the email attachment to exploit the shimgvw.

Impact of WMF Exploit Workaround: Windows Picture and Fax Viewer may no longer execute when the user clicks on a link to an image type that is associated with the Windows Picture and Fax Viewer.

Collapse -

Thanks for the reply

by nkululeko In reply to You are probably infected ...

What I did was I checked if my shimgvw.dll was registered and could not find it under my system files, so I downloaded it and registered it and it worked.

Back to Hardware Forum
2 total posts (Page 1 of 1)  

Related Discussions

Related Forums