Network Security & Hardware - eWeek

Critical Impact: Windows Metafile Flaw a Zero-Day Exploit

Building Unified, Intelligent, Enterprise-Wide Access with a NAC Foundation
Nov 30, 2009 @ 2 p.m. ET (60 min) Click Here to Register

Is the Smart Grid a Dumb Idea?

Surgical Adhesive Offers Smarter Way to Mend Bones

Get Smarter Technology on Your Mobile!


	Get More from Your IT Budget HP SAN Readiness Assessment for Server Virtualization Six Mistakes Companies Are Making Today and How You Can Avoid Them See All Resources >

Network Security & Hardware

Critical Impact: Windows Metafile Flaw a Zero-Day Exploit

By: Lisa Vaas
2005-12-28
Article Rating:

/ 0

There are 0 user comments on this Network Security & Hardware story.

Table of Contents:

Rate This Article:

E-mail

PDF Version

Critical Impact: Windows Metafile Flaw a Zero-Day Exploit
( Page 1 of 2 )

Updated: Code for what Secunia is deeming an "extremely critical flaw" in Windows Metafile Format files is being exploited on fully patched systems. Researchers are currently tracking thousands of siMicrosoft Corp. has issued a security advisory for what Secunia is deeming an "extremely critical flaw" in Windows Metafile Format (.wmf) that is now being exploited on fully patched systems by malicious attackers.

Websense Security Labs is tracking thousands of sites distributing the exploit code from a site called iFrameCASH BUSINESS.

That site and numerous others are distributing spyware and other unwanted software, replacing users desktop backgrounds with a message that warns of spyware infection and which prompts the user to enter credit card information to pay for a "spyware cleaning" application to remove the detected spyware.

Vulnerable operating systems include a slew of Windows Server 2003 editions: Datacenter Edition, Enterprise Edition, Standard Edition and Web Edition. Also at risk are Windows XP Home Edition and Windows XP Professional, making both home users and businesses open to attack.

In this fluid attack, researchers have kept up a steady stream of new details about the extent of the exploits reach, with Google Desktop being the latest reported vector.

Resource Library:

F-Secure reported on Wednesday that Google Desktop tries to index image files with the exploit, executing it in the process. F-Secure reports that this exploitation-via-indexing may wind up occurring with other desktop search engines as well.

Google had no immediate comment. To avoid the problem, security experts suggest disabling the features indexing of media files, or to remove Google Desktop altogether.

A workaround called REGSVR32 has been posted and was included in Microsofts advisory. However, it should be noted that as of Thursday evening, some security researchers were reporting that the workaround is not fully successful.

The workaround is as follows, as quoted from the advisory:

Un-register the Windows Picture and Fax Viewer (Shimgvw.dll)

1. Click Start and then click Run. Type the following command: REGSVR32 /U SHIMGVW.DLL. Click OK.

2. A dialog box appears to confirm that the un-registration process has succeeded.

Click OK to close the dialog box.

Impact of Workaround: The Windows Picture and Fax Viewer will no longer be started when users click on a link to an image type that is associated with the Windows Picture and Fax Viewer.

To undo this change, re-register Shimgvw.dll by following the above steps. Replace the text in Step 1 with "regsvr32 %windir%\system32\shimgvw.dll" (without the quotation marks).

F-Secure notes that this workaround beats filtering .wmf files, given that files with other image extensions—such as BMP, GIF, JPG, JPEG, TIFF, etc.—can be used to exploit machines.

F-Secure also recommends filtering domains at corporate firewalls. These sites should be listed as off-limits: toolbarbiz[dot]business

toolbarsite[dot]biz

toolbartraff[dot]biz

toolbarurl[dot]biz

buytoolbar[dot]biz

buytraff[dot]biz

iframebiz[dot]biz

iframecash[dot]biz

iframesite[dot]biz

iframetraff[dot]biz

iframeurl[dot]business

F-Secure notes that its seen 57 versions of this malicious .wmf file exploit as of Thursday, detected as PFV-Exploit. The security firm is predicting that, even though the exploit has only been used to install spyware or fake antispyware/antivirus software thus far, it anticipates that real viruses will start to spread soon.

According to the Sunbelt Software blog, "any application that automatically displays a WMF image" can be a vector for infection, including older versions of Firefox, current versions of Opera, Outlook and all current versions of Internet Explorer on all Windows versions.

"This is a zero-day exploit, the kind that give security researchers cold chills," according to Sunbelts blog. "You can get infected by simply viewing an infected WMF image."

According to F-Secure, Trojan downloaders are taking advantage of the vulnerability to install Trojan-Downloader.Win32.Agent.abs, Trojan-Dropper.Win32.Small.zp, Trojan.Win32.Small.ga and Trojan.Win32.Small.ev. F-Secure also reports that some of the Trojans install hoax anti-malware programs such as Avgold.

Next Page: Researchers trace exploit to Russia.

Next: ' ' >>

	Reader Comments: Critical Impact: Windows Metafile Flaw a Zero-Day Exploit
	>>> Be the FIRST to comment on this article!



	>>> More Network Security & Hardware Articles >>> More By Lisa Vaas

Email Article To Friend ♦ Print Version Of Article ♦ PDF Version Of Article

‹xÚí}ksÛ8²èçqÕüŒæî8ÙcŠ½íHS²%'ÚØ–×RâMêV©(’8¦H.IÙÖÌÝ?q¾œºâþÆÛ €/=hÉŒ÷œ8[Â£4ºF£ñŸ½½w?I9stÃ´'äÜ1æ%û3ÇøtäÑ[“ÞùûD’{{?üð.Ð‡}gÁ´žSå/92t<ƒzõœ’##jY¾«RôÝÕ #ü®[æÄ®çFÔ¨—kÀ°×kìñðÙHäüðNßáƒ(éð{Új ¨K¦ÔœLƒºÖxgÎ&Ä÷Fõ}ÙœéêËØ7êå'æx¿Áà2˜ XmÛ Î8ÐörˆÚ€'üj˜·Äç(ÉCLÅ½?Kã’ŸE!š{O|Ç2#–·è8,>vì@òÍß©ø:AàÌDâL÷&¦Í¾•¥°’¢’ªÄMö"„òóx<&jÜ>w¼l®ñ‹=ôÝ£w2Œ¬ñãÞ3ð™öXã]~³j‡½4LßµôÅ!ZÎèpj9:ÅN`QFž¼dØnÚaã…°HA=—c„œ‹9p<þžëÞ Gòï•,gâäs'9"QcO$Õ¡%´UqËL£J‹‰áNŒtèXFŠ>D>8zvGŽåx09åry •j5jf¬ÏLº£{¦n_·%Ÿzæ0ÖsÛw6ï†îO)L|@ïÉ #ÇÓÓ±Ãa‘©GÇõöåP–u#o8sXÑF–9ºÉÛ4GÖÍ‘¦–J5ª(G…J±\SŠµ#ûWQåîî.gÚ†sç[¦=¿7q)sÜüÈ™ýz3ª·¯?~í)eUÓ¥vÞ»è|¸Ì‘ÆGAÜ †–nßn‡p[J^×µ‚Vƒ©8ïœ\u{ÝÓ>¹è~nŸ½“‡kÞr† ÞòùNÖ·“ß‰èQ¥T"*©år¡p4K‘ý…IèhjCG'‹õ$Ôéõ{Ï@Bãs¤šo”ô£V¿SË+¡–Z±VÐíH+(H.Õ£Q’Z˜Æìz¦O‘`† %½pbQU¥†ÄrÜi÷[ò“©¥}Ño_]^uzmÒoŸ|8¾ê´O‘|¾ËÖÄòbP+Mz(#1hÅè•ÎšõgŒôxkŽ¨¿^t\Ÿ¶®Ÿ.9®;îuœv¯H«ý¹sÒî!)|qæ¡³!5P\¡ýÙÜ6ƒ´8ù¶Úªòï¯~»nÁ–ö‰—6O¼^ƒÄ¯÷3‹ÜRÏ¶†&ó†Ú#‡Ã4}GªVK5IÍýŠÄðS«{ÒÿrÙ&Ój]~:>ëœœ$Ë×…Ynõ[äúçgÀ¾§Û¾‰ÒB·d¹}‘#¹$ÓòŽ7‘ûWò=ÂR±²ø(‰šy#0r¬iÀ›Ìß4(.øß¦Af‹€Âw¬[ ëÔÎÚaê›í××tBÕj¼mÖÒ”êþ Ì)Bæ!aF`u‰þsnÞÖs'@Í€k©’fƒ«çPXÊäÏT÷`‘«ƒ4œRÜó 9lbèÖ›vÁf‚¥—y“áM)ˆÿo“–d¾¬r!C•C±Z’9‹nÑVÈ¨E¦SAß%EI’7CD„Ü r†áñ<#®|!X”sIé(¤Ç(GÃÉc§ª¤{©nîæ2.÷sdé>ÐUÓàì<8~vw½Ü¬¬ª•u²°²"ë*ÌÔ´ÜÞÃ[fýh¤E·ÞçØ“Æi»ÙÿtÕn‘Þe÷¢×ÅOçí^¯ù¾ K/Ë364>ŒpX’.BÊ2½i¹K‚1ÎpŽJêÛ«ŽZ¥\‹UÇà×«” d±zT„ŠJMUŽ~«˜€8Ê•??5˜n!S[Ã¶@Ë.êës+Èë¾{ÿë<˜ |PF´Ž;}F½_ô™{„é3j˜óY}¨Ûv"5d}4>Ç‰ðAG”AtÔicåÅ¦w¨¹4>˜>šš æªéôI7ê0i‚\ü;ßwºGó¡Þº~N unáo7ÌAúbéC ƒú˜3ê»õœV=”H:ü} m´ 9žÝ5@%Õ'¶ãC—MßŸã›Ì…æ-uÎ#09wŽw‹É ´5ƒúyP¢Ü5Ý»¦Ci¨û y1ûÃØó¢Õ¢¾À»ÀÁ!TfågýÐçÀ,zu=Ç ÈHŸû2 ï¾éX.ˆ¿{s:GT[¿ÕMKš¨xˆGùˆzïR†ÄûùNæ¸\‹Q˜¼ï½DÐ-Ñ2ö(%E2ô ÐDˆEMi—@(P!$¨‚œÍ5Žar‹œ/€lbÁï(¯¥O$„^¬–ŠI-¸TbëD¸”JÛOq$9g –J÷¥"ê¹ñJX*¦ôQYl¡¯p[ì—Â/ ™™¡¢ÌrRËdZïùy4ÛLˆl•äDäËV˜^Ž,Uu…ïšÂ5…m´ukÞ}³XTŽ4V®Â§#š´&´ÇcsdÂf#ô@ö·®®¼ÇsÓ2H¶`°°…uÒÒAÅ?a¨!1q SQôËÁÊkÔŸxÎîç†óþÐO· OzŽuKÉ ®«„•V¬šsö=˜RXƒ¸¼ð±, Æƒ=Â‚Lõ[ºiÙlQèæÌ´aÃ85GS_«a!´ùê‡Ð–eBCÔ`>.{Sç›^°Îê®k™ÔÈ“÷:,å:-Îè†\u;Ä±aå¼ƒµöd:.ðòpçíî¶>>yBOMÜnöaDùp©I.3ßhÕy:e¾œpGÒ¶Lûæ/š ïK%~½hB=Sœsì†¹‰&A|åòš5±ŠiÐ!3öùŒ'…Xeíïfž‡ÌÐ” ü/§Ìk|*’~ëé”(™Þ tã–zéSÜO¦ÎŒ¢îÅ•”$ì´ÐŠOœ¢Wmš«Æàâñ?ÓØ²©ÜZd˜Y6Õ~«»Ùÿ%aôfsP*ˆÿoW¦u©µÔRá@ü_FÞÐ*ÛŠ½xc…eƒñF§uOGiã+-mB I¥PÖ¦(XŸk¦ez¤x¢äÑEäã‡:ñ*&]‹Âÿµ¤7u(¼Ž=°TsëµÏÛ( Xà¿TM.¨²Rû¯¦?…>2ai™;¬aÕ’¦h•x KÕø¬™¶²@…¼ Êx@££ÿnH°Ýæ ¢~g&¶Ê¥ÃËùðöêÔ;q\Àª‡žc‘Ïç¤çzúu@®§zÀÖâ–cÿg@>Ú ¨œ€s§GëQB-C,8îÔñc´(L•>EÓ°HØšZUg˜©åÜgm1L¸HøQàË¸ñ:q,X?X¶ÄR`Í÷.C®VÉÍ¡c-f®©ÛË›ÃþÙÊÆ°wÚ^Ýv¥‹¦Ô?“¾šãq6šO¯ÚmÂËVØ!Ò‡Þ† Lr¢–ÊôC˜mPÇ¦ú"Õ}ÓZlBü{Ow§]1¯–ó—=X´@C~,êË%¥ ª1êIÔO°5@&â^`GÆm³d*Ë9Ð¦-P©œ±cYÎ]6bÐúDm¶"ëö‚„®(M×E›–Z"ç¦=ŽGÎ5ùMH85‡Ô[Ï„ÂAE- Æ8ˆ8qìx3??Óu¿PV&Ž<[—?^t¥_ç>õ:F}»Œ`'|\qcîIFŽ ~©OP•aÛ˜™34Q}q@µô6£ã½ãL,*IHÕç ‰bAQÊ š¸KÑkM˜fBïÙ§º7šÊ_gœ·ÞÓ€!a¬kã&¿ðA‘ƒ‹4bó¶6ààèäã™>ôª\P˜Xt> Õr+b$˜[¶Î¶T½:õ$Þf¼‡ô—Ÿß€ÆåÃ¢’èù’Ží:l™x"BŽæšO{ÔÃC{nócÆ>TÊZåU™ÿfþ<Š÷€zûÑ,RT…j%Æ†÷06´²ª–*GEµR©àúf…U`ñžsßÜÏyO=š"1ã»tc8ã1Ð¾<Å__pýË»S÷×ë~~6˜F½iþ^8ý¢ÔôšÒ›A¿ýþT}f6Ý /r©/˜ù4|rqŸZ†M…LYvQO “ÿs½‘!au5í ±:?–kJ©”Äü?C4B~^ŒYÀpw®\ pR« ÍÔ"¬ †éÑQptgæÕ£)ü’u7qýÉfz9áN#q\3@$ò7ÇäŒÚ2ýÑÜÇSíütœ@ HQÖj°pü×{sè;–Mè?…bŒŽ°%NJt(Ò¹Dàé†\U4Uµeø¯`«wc»Ë*€‘Äô ªA„ wt‰°€Ý™Á”,Š¦(ô´ÙD)Íyà´¨ƒØZì|è^PÓ²Ë§ðSLJˆé@êø(A@¿ö\›:ž{>Z,.M—H0°ú¿Žìz0f*Ð¨®)ìÃlTgm±/ ‹ëªR©U*û~iÍ;:/{ý/öŠûÐ.8F¤€2ÕA="C •ðÏ8q´† ƒÖbºS¡µ‰î>¹xÇd V}²’P@M©°ÁÏnÎšŠ»B=Gm@«$ÎôÝL|%4SÔ([úé/«¦'—'«zhTrŸ„å¹›Ç>“6×7ÏÃ3ÇÏ¼ßòåtáÓ[ò‰åÌ<9Åu§2E8Z¾Î@1J,;OE9È² (ß`åÛ‘1³B®õ…ÔÕböÛ¤q:n&Cý2Ð161ê³s/ø=¿»¤Z†e¦–0Ü<¬z*%¥\.€êYi¥¸ Ž=cx™ûº8®9òe}îéò¯£™[?nžHCo`ësÿŸªªè¦<vt)s¦M•¿ GTµP·Ç]ŸPºHzñ7nqÌ‘çà“`µó|¬×'ŽþGÿeœÄUVYŠråcÅO¡¢ºø ªZ×M†ªB±R¨¨%%!~èõ“°‚Ã!ÝVA#ÇxÀ‹ö´¶ÁsÝè¢é<Ó ÞÿÎâ¿ÁâÏSùiÎ{Üœ9Ðz¦ÔIÎ¥rQÓŠ Ý5`ÛJ©RÎý¸'ÿ•097 Æˆ{ S@Šåê½Z: #2É¢\ê'•“ ø–ÃÀWËe¥R¨U@¯8Jæ3”A–Jç j ;!‹µžãÁqòã]Á6x†¤š0âúÛ?^a¹²?uðØÏÿæç’-…49ô^I‰ˆžÀ‡È5Ôˆ3xÏ0O8»ƒÚ'Š eVpcð?Ó› šcœC÷‚7ûç—Ÿöö¡×÷ZUÙ{”˜ AD@ú"›„'nß±¼?%ª ¿í³[-ìŒ8ÉF#4Ðïý,º+‰î’?ö~¸î´úIAcçÔ§Ý‹¾tÚ<ïœ}9Ä;>,œüÎ¾¯Û~xgÿ²Ûëô;Ý‹CÂ ÂÊ{D>´;ï?ô£8ƒè{µäÞïýk¥q ¯´À2 }ø*u.Zí’Ò]ËÇ÷WÝO-©sÞ|ßæwÃi\Â·ì[h”ÔdzÒL‚\È€¥á§ûíI1î»>düdßË™]ýPÄÞ^6[ÎÅ{éŠ×a£ ÓÎÚ§ýÐƒƒáòZ@æŽÉ†UŽ»ý~÷\À9o^½ï\ˆ/é~ŸtÏºWü*Þ9ë\´¥d¯cxýî¥¨¿ód®GÈÁ“©yÖyqÈ‚œu8B÷*DÏÉY»yÞp|ÜlŠyÜ0©amG›'æåLŸk‡4¹£ç[‰^p@Ú†òWÇÒ½jµ¯8± ãô’ï4§c-I…ˆ¯'ôµšì«Æüø‰Vƒòht´qÍÃ);µúcoMå1û9 ¿Â¾UXH¬ùe`|ûC,($é”¯Téìˆ;û0Šr$`$Ø*ö„Xƒ¿u2¢Õé]ž5¿DW²Ó2ƒsìY·Ù‘„¶¢Àš^ˆ©SF(ƒè+bK)‰"$åŠDÙŒô¤Œ |ÉiöI÷ªÉ‰ï€/a³IŽ¿cô1:¿(:‘ý{¯íÐÕí¥ð[Lã·œÀoˆŸÇâWÈ˜Çã÷¥Iö;ŽÇD¼ _q¼+” kNz4&s«\3[É5n£žÔê|&Ý³B2Ô^&V8¶Ï:=h°ÿå¬Í1Ç9ó½ÞHšÂÁŠø/Cqãðƒ‡»¥â"ÝT÷sû (õúLMÃ vD)¡ŠœµgàâTxÑPïx¸§øiËÞâ'¾Üsf¡x!uŒ-çî0ìqØ%ÕbÂ§÷0oBÙºŸ¤¹CO›»Ìm}¤[ÛÎ˜¥æhI¦S2%¤I×áÁ#…žÏ” mÃö$IËj’×SÂfk¥Cš@™†²$ÄŸ†ª_ÒKšñIÌv(+6H…´+õödAz—Í‹íÎJÊÓšœî]ÚÜežy…gj—tÎßïÜ6V"#¯&0Gv¶\%0Ò ¾¥q¾ÁÐïœ4ÏÂ…@² RÞrÀÇ;Œó8%´Å¢ûé³Š¼–”¢áª–Þ}+›¬ ÉÅÝh€ñáuÈZœ˜Áã]žà-«…÷ÆU9$òj-_Ìï¡éž_9UkµŠÄŽ¯»3Ûæ= {”ç7M{ì„×Ôñ€?ØKœÈ8¢G™u*´´b¬“9l_ë¹¿AÝž0´nae1¹ÐèÂì¿ù²?Àþønw`Ó;ft,z{j’™¶÷Ð\.ü3}A&ìZ¢>š´ñây¬zv`Žhš³õ ….0'‡ÑïL[Ä±÷ð´ß†Ø ?Oþ*ïùy„rµê¹+NQDÜ=%×&^ËÌaÏqÕ‡ huÃ±Ó®<ÿ"’qòÜ³Db1N4œ™nÚ8ÄäiuÉE·Ošgýöi^|é1LŽÛ°¾øÜc$H~"©Z0 [Ý#|&ê~>xóöÈ¿áßßFMÞy@ua*3ÂÇ³ôøI‚†lýÖœèãåu×ýÌ 9o¢ßJwüfÿ¼×iï¿mÔ•åžÌa6FºKßìÿ¥p²ÿö?öÿ÷OÒþìKûo÷Ò½{g;á§¥s·e‡®âÔs×tÈÃRÀRêó{d{I2¦³‰$BäUUËkÝ ;»Ê¾¿ZDVeÎœ’tÑ“•Ü^tõ;¾™2ôŠÛiáÉx€7YÌôUû(™ñfh‰~X:pKóÊ¤Ås¹ã¹=bçÈÞ(ðôÑ õÞ8ÃßÞ2}ˆ‘KÝLÌ7û+ãÜ{Eü<ÞècÍÏºç×÷7àïû]f¿+ìwõ€B!õ€Þâ©ïþRý6Kï³Ü’È¥ë9Çí/s\5"n'xºš(ZZâ½8§ç|º:‹Ó+ËgUë€ž<’—è Žh»¾¢ö`Ÿîì#öþµ·Fþm`"¦Fs8“‰EE[o\ÝÓgžm¼ej7ü˜cÂSëÀO˜ÈR£1\j[ìÆãñ¢c¼Éé¼³þ62ƒù‚°ò> šAà™CXÞäØ™qî€äbãLÆðd¼„J;o—‡ïÖÝàn \žŒí ?#B;BJ•”üé›<æM=Ç>[4·2ñ]CnË? M£Šk=Ç´ÂÇ ,‚»•GŽiÆ¿à‚ÃÕãð¨c+¢Þ™U^ƒ?2%;þlß–âïÅ·cðí˜3“¿·”cpíßÁ_j ·ÿ]ü%—pû•1ø³-à[KŠoÁàÏ±€!ñCøÃ9ý_¨Ú3õ·[¡›@¼)ôðë¹wCOÆpñÜG+Ê>ql¶Å¨ïÇû·`júo÷ùx?iñéÌ´a—f™·üîÖHÖåðâ|âx4ü¢*jI©Éûb£¼ß´,r…Î¹äŒêúc_93 MŒ£°²ùžçx¦/"Uµï]Ë1ñÖi™v©¤9£ž9Ò÷ÏLøž¾^„Ã¹]GPjJ5‰“úÖ¡Õ¨Ó—?ùØëùX]º†idw¢š¿ü¬jG~äÃÞÅ[tæï°]Ä;‘f¿ñŒÀž'wt8œ/¨çOæ¦Á‘’¤ÌÃë³¨„¦QWÕJ±ö‹o•¢¡,]ñ—›Q)˜9ÃY¿ m%þaò“mÞˆ§:øeFfœƒ=µÕìØèrê•\êÁÐ.ÛŒóÈµC}rié“9 ‘²ßxvß«•’ZzROømANxÑßch`Ñé¯›ûmJáÐsG{Y’oYnùƒÈL”71,%†ñ®o”n 1÷v÷öVæïØÈ-ÙóÑÝqSžðÆËq¯Øi±Ñ›O&ÔGãÌ’‘æðÙð\—yVÂœc~J·¨¨•Ì=såÇ˜ÒI‹Œr¹oã`;‰ÅÙ ãŒ[ˆÔ‹,èê&è,bË°!d¦RßYm!Ö2²šÐhâãç2PqÜm:Ñ!Ç)/ +]Ö1Ç(V…>pµ#×¬ø‡%½³Ì(”Ôrô©ŸÛíSí´"Î#*úäÂ/x¦“ŒVˆ¿ãá–š8¯,VâƒÌb‰G M^Jæ¤ª$ÛåŸ¼]q+#ñbÏ.+qùç=ˆdPnI%.„`8Àƒå”‹¥Z-Ùdl¸¦wÃàËú»ašß Û«¡"yœËC· C½x…~(;ÝKŸJ±`Ð0Ìüïæxlàåòø0#ÿû€áÒ—u‹zÁÀòÍ»ö$‘X(l¸4‰ÉÁU”hÒµRbZµbí¿É¼>y¢v½ùùðG“Ëüló½Åç†ø=@vÍ{j1Ô±pìq‰\ž¨Ê/ø®‚Z¿{º]¯«ÕJòÐ&q’“šòFû-§~}Ä2¡Pbå¦zH˜Àieóü®`‰£JÓFG/RS/(è¨' ³3g+éœ:†Ù’N-ýN:¦ÈTB‹¦FÈ…bÊNÄh‡C&ñ„ #ô‡ ‚$$‰@.WDžá¿¢ÛiÒ”Lú“°!d·¡7v+¿úÌÁþ:÷ãýÆ ô’¤j’V{›¼j—A^ÚãÉ+>Om ãËØ Ç¦7ó¥Ž¢uõ¤¯ÔsZúBú<·@ÓúµT)«J¥¸Dlü^'±6 a“6 a„-p’¾™Þø8^ˆÚ^I!~ž‚“Æ*ïD•5IU%°-Už*»Þà‰Ñ¾Šíppø,š#…9ãŠ…‚RÊ L>Až«HŒÁã Å.Cð¯‹4ŸS!’ž†˜Æ“ª¿$…_PnvX\v©i€ºéxØFëQ%F÷ñ|ý-k•&JB l#\|*1Úèk”»ceUBn„Æ#*íNojy[z+=?½õ¤«9(¾¾ÄŒY’îK×ç§¡v#aPV_êÍÙS8YÖ#Œ°‰é>0¡òÂb»‚"ÎÁ¼2ÒÚ 1í2ÞÆ.¥w"Ÿ²¤¨’RÚ–|Ê/(®>Ù#ôàö—ôØÉŠð«'SÏ™QéÒšãövìxR§-UjÕjUÙJt… ¤õt'B¡ò6Í²•ök•cOC×ªL{$vO…ðˆÕUÙ–\+ÏN®ª"aàd Íçs?€4Ý³¥æÐ™R·/# Æ¨%5ƒ:U…x!’aðƒGº½hux]´øH\„hØqèÝÊ?bÝ¸Ùe+e3föò öbqÿ$¼€ ÞEþn:þn:þn:þn:~iÓq±T}ºé8–MÏaAN/ ¡C¸íºù|!uªKe˜eµ¼´`^Q|á0±]‚*ä|A°Ê¯›EÕÓ¾Í²¸Í¨¢ÛëÒXŸ¾åühÏ=?WíÏöµÔ–ãÜ€Úþ n?`«óÉ•Ð9Dêbð^ Û3 ’V*Õâ†ÉãÐ‰Gà0<ó5áà÷ÊæõÑØˆ±3;WÙ’TžÍ.ú9õB;úé“O¥t¦61$<>>J¥+:sà÷øtPw®›êZ"XÚ q—î§…rÖ§$ Scø„ÃOz”|’€¿™¶nlçÎ¢Æ„~#òz9&÷LHk<¨-é´øR"ó)ãácèÒ%õØK4œ{gÞ J×Âm5bøÒ±L*kµb¥ö”ãLÉ[ aœgÃHÔÃoá• ¾çÀÙŠ,| šÏeKJ|6»i;RÞ%öäŽÿ-7¥ÞÔÈæøŠäùœ…:Ú„.]ÍÙ“çR÷–.èn°[Žãù’ZP‹åMŠS“0àL1Å‹§œ¡`?T8Ø3ú>aàÑ@jþ•äK#/ÄÛÓñÕx2ˆ- óù-²=w!õ Ë¥žÔ2'¾Ô‚ÏÌ~xå8Áø¨*Q½¥}‚™•/¬øJÈh§¡Æ›ÄG×x¸Ì–³úü†Ë¶m w·t:÷,|#xÃB1‰y‡å^Û”Ž#Âj×+I›,{?$M{ÜQõ»mï»mï»mï»mïÙö´Rµ¨¾nÛ^¼´6/z°gwc¿Ÿè èÊôo|¼b˜[v:éY¦A17¨„ØY'r’`0 6BØ¼Bù!°oVl=öhØÛŽµ±mÉom4ŒßŸRI-IçŽ>_ckŽQt¶‹ŽkQ<ŸŽÑw}±™{³_nM@"ž+GCg^!ìŽ‹ ;½±kom*Œ‘Bm Ÿºc§Åô[šD¾7½™ ¨ÍÉcçÌX59&¨ú )àÁÁF3þààùÖfµh˜M µ[Ó›ûÂö}Juyå³½°ožT¬*±ºÜ„MÂºlß„u_ß¬n1ÜÈ”ððð—ùÖVª”;¦@mÌœâxð)vAŠÌáXÛ€±zÂ+¬þ:åö£N ë‡GÙØªØË›}†º×V(`{OÏ…ƒ¯¨:@ÜìJ¼ô^·'SjrTC\¢g5þÄY}äŽIëGÔØ”ó§Yuèu»ýQbo²Æ‡L<Œ´õy0…NþNcè'½6Ï"D ‘$ hÓÃ½>–Ý±7Þn#oìXa£É)ŒÄÞ^Îº¾Î,×ØÛþyÛ—ÜX'7úÕmïn6 ÜáDÒ€¥ Îœ‰3¨”îµRþ7hè–½‘4´†„øÅŸ-_jzñ§šxŒ)ã §hò®ãê–õ§<Üôš¸‚ŠWû˜‹ü‹/ß‚0täžøÖ<\ÍíæcÌ‹xŒxcøÚm ƒQ€NÓým¶YÃoÞþ‘}ìÔúÆÐA¦ËK3q#©¹·øAÛ¶‚–{{„Æ·ic9`ðWÛ²8¶ÀÆ°>4ÏŠBTÕãÊwžîº0¬ˆ¶¹¶–]G–÷èÌ¹¥+AÂÞfå²ˆY¬„–Y_Ë®ÿ¯ÄäöY°Œ–yë³òzªÐc~õ2oÿH@85Q•Y'6ÄŒ [I¢HgŒs“;úWú¡Äp ‹°8c¬™[›Ç£œ@ÎÜâï–†A? ¬ÔêáƒóÁá zò®îÁ@/ƒì/ÑùþÁ¾cïc¤¾¤&àÜ:¦ñF¬wÕÿŒÕüôƒÇ«ýÒž¥_ÚVýÂËÇÕ×÷-C :’/ó" ûaø«¥òïdÀ=I>’šöIUÚ‹fPLÑ ›¬ÖÃ™ÚBtýðÈÅÓ3a²Q¥Ql½"|¥7?ÓGxÄ0ùãî|ˆïiŽnîô[*0Íº8•ý;ö7I?‹øÔõÚr UËÖ|çQÁo|ÕŠ¾‚[NkiÑÎÒ¡è?Ñ*X`%\víÆÇ0îiHºá¹"÷:[<ÈÑÄüõRà®p "–×{aùS@™aÒ]úIÞY¦°À6OXàîQm ß¶LQÁÓ¬ý÷ŸfPuý!òÛ¿ÁTÇ}ÝfºÉ÷wwQòÖ¾_úsâ™_2UÈÏBÓSØNUòÇ{Ñë%ä'sæ:^ ÛÁÑ{áû&éTXTóC“ùâ‰Õùñ,ÁAÆµˆÿð%¢@â¨)àï`.ÕO÷ßKzø[ÅCÝ¸$~q=1"Rîø!0{’äÇ=á¿0*ÖÊÊ(ì®5§ùØÿt=î…ÏéTÔêxul?ó¿ŒÔFþXÊtý»`ñˆé ÷€¤†¬aÕÄÀB(ìø›hF˜ÈÞ1IAwy4Ì ¼~D?S9–E=1Ž÷¢Çˆˆ>œè'¢V8Î…÷{Ã)9¡¬4‡i™>‹<™˜»’˜4Â>(©ÙCZPBZˆ¦‘½—ôãÂ’õŠŒÒMä=çŽIì¥rø³1«ãêš’ÚrI|®l @`„•j¡ãñ&"l\MÎÈ! …ð8AXJrÜ˜E Pa îòâÃ{ÀöÃye‘‰%ƒŽqï¡À ð‚‚ÿÒ¼™äÛñfºµ2ô0Æ`Øæò˜S³©ˆÙ,^4íð9ªJ7ô11ÇœSÃÇAµŠRS×s.öÓó}”KþRG—¤Öê(Vzdq¿Ké<ÆÏ/ #|ëù»©PWw·Æ„‰ÏàFKJ9.ÊÖ¤·À’G]ª#Ô„‹VôœpU)” ‰&G ´øÁ_~ Å¨äÓt 6§Ï ÓyZSLx°!Vêi ?Ll=™€EGx¨Vêi ±§®jíÜLø:WZ9O¬wÑzÅô¿¥¶Þ¼twŽO%Z¹YÑ©š4›-Ý¾Yg†ŒºMyYÔE…E8¡‡¥N cáR¹…—=D;w“>€=vnNøòÀN?,Ð¥ùó’É"µöèQGâl·‘ã‘ÛŒ¼TÒŠ…j95ò¶îYÒ4h· PÑƒ-“O:}Òã.ŸÃb¹Øˆ‡ÇÏ>Š¥PP*Ä(°¶™üZzòÏõÊ#ó1ûá,@Ì'Ûà²íÐÌùîcÕâ±Þl5ÝÕôXãcqè¥Ò•‡¸Aˆ–o¡Áú7¢?ë|ïÎí%5FÂo[q{e>ÙxÊˆÑ£g³¹Þz!-:s^`¶ci·á*ñpÍm†[*¥†{5çÝûûYŠ«Mh¡<#Ô¾5=ÇFëõÌñ#G^¬n/Ö9µ×R#£=A]ØYrRæ7×Ò¸xÉfZÜö£-©j%ÁÛúVó¬¤G»4¿K,Œ2;‰kÄÄÉVº t[·Mý@Ø&ŒDÒséÈÔq™ÿó™±”`þß·b~m–úŒë•ð9Œ¬\‹G6ÙŠÚÓb }—wu 3ZNpùx›¤×´ B\Ü]]JÇ_!žÆ˜¢}‡'âš+# ÿ¨âˆ©Äˆ¡[ „b–V›&w’< ún²~„ÉzèÁ*:ŸOèœeè^ðfÿüò…Ê÷ZUÙ{”8ÊýŽÖÐšØ†‡üø®t <ØøNœŸ ·¥sÝ´XÌ7‹ÐŠÏ_'>¦ÐoÂg³IŸ×„QÁTð1…·¹ :´{“á›‚rP®¨Zé-‰ììñ»Gƒã÷_ è°6aVÄzîgZ ãq!‰GÖ)|Jƒ}ðØoƒÜ ìñÇÓ#d2“zÞ˜ýó€xy8e°#ä˜k’ÊŠÇWH7¬«½}H[gÞ'éƒ€tZêˆ$/ÿñ¤eìŠƒÌ\„(aÀ'KBþ@q4ÚÌ{è¡Ù9#íëÞY»ßo_õÐÂÃ ¡‡4¾pæ(¯M$‚‚—Ä{KÝ›E7ü@gadñ'`|Äi8÷ñqv 36àg²>akH"È.*+ra 3|²Cé x×t˜'lë¹Àm×hêÀjÅo²Cë^À“ýùË “/é†¾ø)ø–s¶ŽS®©;9Ä”#ÍØSJò¯7£zûúãÕEO©)ô GTw.2ÈOŒaHÃ9PÍ-S«>«bX"¾`R1ÖšX£€ÇQ¤áð?ÿÓøÜóýÿþ~Õë1î&§ív+ÁÜÂŸ¶´,Â@€×‹ÐIÔ`lŽ‡>ÅcÏ™¿àos/Íh0u@sXg”©#ô.âÎEèª.Ó»üÏüqô™{Ôï¦x*ó‹[§³!¾4‹Û|83ˆ€{–¼ãRûÍ>èÐÉ–C§£zEQÄt–á#?›êžKg0÷™“{e/—8º9PÜq.5%Lj‡·)ŠÕâÃs’èBœ‡4–”_ ‘ŠîõœæDƒµÂÆIwÿ‘é6ºúÃ¾Þš#_fÑ˜†A@æp)4fÌÀ¯èêTÕŠR SB•ºª`ê@)ð5Cð®[ÁDUµ”¸¯|ë.O¼OñádßYÝ,«f/cÇ_+\êiB®¤R® .Ñ ºô?¨ç$-GÆìŽ†Ž»÷¨dÝR|šè€ø:¨„>^”‰×þT·o 9æÍËË³/ä´{EšäôªÝ&½OÇ½“«Îe¿Ó½ Çí³î5^šÂ¶Öô-œør5Ýu§îw[_Nº—_N;íË«ÎE?×85ñvz;¦É6ÏôµM&Æ‹BÁ´ÝyÒË2” §Íó6ÓSæ§r¦ß[Ôžpi.$/"GcÉ‚w–¯Êá¥á%;ú¬ˆé£²¸<ÏÛÄ‰3º^< óýNÿìL‰"Ûa^ôe=DM@Œ ½8ö›†›ÿÂøÇÐJA~³Õºj÷zZ6¶âR[NA§ÿåü³/Ž|v§ãeQÿÕtÉ‰cdHw>µè(¸éõ›}|#lc*Ú½¯ç*5=Vš«0×ß8ŠâS„Ý^û¬}Ò'Ý‹v®ªÔ¼V¢¾(Ût6çwZ¹F§•‘ýëdôí3‹Œ|è'£ÿ{¹ÆÇ^FþÈÿ²9ÿàŸeÀ?ÇçN2æçÆž1þs€žð{žßsÀÏy~Î{øRPF>Ðçy}ž}žgÐ'òèEÆø/>CþçŒüÿ!#ÿoÿ·ŒüsÈ?ÏÈ‡ù½È˜ßàŸ‹þ¹€ù»È˜¿.ô¿›Ñÿ.ÈŸn†üé‚|éfÈ—K Ëú¸„ú—õ¯€~®2è§ãïeŒ¿ãïeŒ¿ô×Ï ¿þ? ÿ›ó?}}Ê ¯Ïÿ9+Æ÷9c|ŸŸ3ðw ù×Yù@¿×ô{ í_g´ ôwAÉµN’2Ö!ÈofðYó7NOo§T8Çù¥\ã8ƒ^JeYõ+ÀOYù°…º8ÍÈ¯A~†<++ŸA/°Ónt3èµÛØË<—¹Æß3Æ_üõ2ø½øû÷ïÌµŸTÐ¯Ë“n+¹¯—šÞa¨\éŠŠgmá5õ™·¬í™nZÇ¸ÝJÚt1ì6ž‹ „¾¾2xÔ¾×(ãK•Ö¡`ÉÊ¼¶7©8™‡¯ (np”KXEÃ»úÌ"›°#hhÖÛ4oÄº.³þ‰ö³‚’0÷¤¬ûÜèŠ˜Ÿ’*}h:à=W×ãv ™ìÜ+aïJY._•YnÙÆŠ6¨§ÕêSL¬Éó¢ÏqÏœ%Oœ‡½íq¬’aNÌ@·BXŠìë3×Â°>}oAD6ŸKîA³1Ÿ¹w†ô„ÝúÝ£,dÌþá'Hßª—™´5šûÐˆw›Ÿ3+ ²=yÂÑ}Ýå€Çn}ÞíFò»‰_ƒqñÐL¸ÁzuŽüÜÒš<´O½|·<Àå£íèd?¾/íÝ¹gÖ¦ªkã€kŽƒð$kûÃ ‹ó6”Kæ‡HÒÿœ¸>á]™ý©;ð¹ÓìÀ£xµÎß‡ðoÍÁÓRg¢ÆUúùtÕéa©W=¤}uÑ<\6ß·Y¢=ŸÕì“¥/‚ºÊ>ŽgAÝ7gn"ª§B8¡„ÓúCÁ¯0ŠÔ ÝdÐp=sç¤÷.Å‰ýS ;wE-Ñ=CôO_ N×ãé•º.Õ{0æâÇ½ {+u ƒ‘e¢IäÜùP*5¨Và·Z®”*åÜÑ{ò_É"¦máz@FÅfDÕdU‘•*ù«œì[«••Z©X˜,Îgˆ‚/•Îg2 l]ægúÛ†½JÉŒ¾¡ZžCO\3äÑCX.†á¸ƒ†}Œº•lé5ºÿ@ˆè —Pxù˜øø¯mÔE˜y+cXAV›7³/\FÕ½D¼<ì'ìMÒ~ mÇ

tîQõçî…¡{ßaäpºº¼7t™ýäËZ4¸s<|0 /ÞÆŽ…qºpƒÛ p ƒ–1‘â.`:} ï·xózÒ¼tÂz°»qcÔYñc#®IÁ‘rHxÙLÂ°k#|> CÄG)1õÑm&Ä¤ŒªuÇ¤Aû¢Ö¾šhd9bký’cËÉ˜P¼úë¯cÖˆœõP¼¶‡ÙéFÄŠó 1ŽL¹;-³iµ¡ø•ˆ¯»Ü‰åÌ -æg–òPK|æÂ±-]~Ìét—g[÷=Ç™ÛÅð-Nß_ÛÕÝ¨3…KþH˜Ÿè¿Hy®$gl7ØþÉ@Áá-Ó¡5còìm/éœêxŸçÀ‹õB¾Œý|ÿ pÞI„iãèý)^hMóŒqç?Ši"r]Ã6»MbÙ‡ý%ÝÞ?ž0Ég¦=¿gÁôñC©Çîl–NzÔ„§QøTi|™ð³é?I*_zl³í³Àx¥Ä ,)Tvüç$QÊ.ÀZÔ¿u€?py0tœì'‡úØc˜r=oÀ—Ê%A°aÈ»Lþ:ƒ¾LøœÄÑß =´à½g¥ÖÁßž©—s·YF¦ƒ‹%è‰¬GÇÎ}ß±iB Îþ àà+f$1Œô°DJ VÛi êv.Éô©EÝ©c£FöÙé\’žcÍ… x{p¬T<² S« ã>þ‘ðáÍv Uõ Š^„{3®EÐ3$Æ0z<î@SŠÄ C)deöf¬¦°F{Ý&Žƒ×3ún¬ò=GI®DO€¿nÄÍÄÅÓ–çuMÄj€Î²ÀÙ’Ø›¸¿½¥–ãbLÝu½&¥ ±n…!ç9»Ðã&Ý_akövÛéÞh*µí ÞÊb1?0ˆ„ä¿ˆx!ô$üâ[0„–Wž6p|!ÓÛ‡Äé[ÃgAÇ2D~{F=&*P=fÙZàËðO:]Òáùún,ö0ð^z'»IkÉú3G}k[VäeÙ„Ý¡K^!ìØ£|´"eI.¾¶’Ï„&•ß Šÿ%À’#±˜#Rë.<OØ…ÝFg‘/d)ùŒö0ØPñy74ðw—<ïqÛÀ"I>ô)…nÀ8tú»0öª[ÁT:>æyÁ„eP»ñÞ©iëöH@_vìÜ¹iÌ¦˜VhHm;)Á¡¥ ðöéçæ•ÿh2´Ö0OÀ´±Á¸ì3úî&ì Xè|Šáw^êØ©;q†VÅGÉæ3È>Æ›rÂx{GkÚGÛ¹³¨1¡¯Ž>$(+£ôu`·'»Õ+ù~"Ævõ[ß›Å›Ë,!Mwt8œ/ o“9knÈ>Ê×Q´$ùT¡§{‹¼î»ƒ¿ÐÊâtÐ¤ë/“ƒA.ÈSt²K 6[øý £'"ÀÄÛ‚ËtòJ-úË¬>sV‘Â¹":UXòJÙÍh,8/þ#ì ×ÌtÇ¿¶ÚäŒ;›¢–Þ¢[r,²#Å–€ÎíiÙ3”x†|@ =ÈÛ oF8¨èqó5`y‰Ø+À@Ž²0ëÀ4{—ìÑÛŒãÔ±WŠÖx´»xñ ãûwºuƒuky!ÎÏÌ1€õ7 ¦Ÿ(ðÉŸ=ì±~TqÞ®7£(GÌÑ¦i#ç¢À®€uTª-êoÜveÑ©ã›&ÙóÏßµ¿SÝ3pß¼±¿D]Y>¶íÊó°ÿ;Ð ŒŠ±O1ÿ!ngFbíëÇ fÏ†Å€ðžŸnÅç{H¿âæù1îñ6ø^f+°®1þÝ±×Oãeëtc)dÒö½vŒÌ„üËÂ6 ¨!Ž´µžyy©uvÒ• ÿÞ^è¢¸É†¹I¬F`Úc^d«;òØ+)íØ‚9ì—r¢Ú{ðO †±0b¦Oü°Ý1l¥†Qˆñévî7}êÍ`ÅF*ô)AuÒ°‘OÂ·•‹ì xÎs«—ŽeŽ¦H"<-š—Ç]°8Sä—|ŸíY½[XŠ„/5b¨çb8(œæÉG=ZŒÁŠ{|†Ïì†XKÚå¯V³· mr7u,˜r?»]Ù,LÔ“ÑCi>c¡1Ä½w1²¹óLØB˜LÓÇ÷¯6÷€µIÐðÔQy6;|,ÝÅÑbZ"ÉND×Š“rI)šÉ9´=ÔíO¬9.*¤LØêÃH6åc?t¤ftÊÅ/‹Ð@–ÃÅõä“]èNg"a?¼#À¹ah|àÙ‘>sÉÏ‡ÎòÂAÄ‚+§<§"ßeîˆï}ñ%Ix³¾“¹ï+)–/,èÏ.ÈŸö$åøÊ#û}ÆM.tðýÊÂ8bý{@¬xéTÜ,Àšïzý/gí•‡±öòf?øƒ¹Pžv/úÒió¼söå»TâëÉ†në °ëgÂëgGq^çk;,O{Ì(‘‰F¹â1ž8ûºÝyÿ¡¸&û¤{Ö½ŠÁâÏÐÒG7<÷¸yòñýU÷ÓEK ZÈKŠš„(Ó½jµÓ „Dˆ>Vî²Ùju.Þ'âc={ÿ‚©`ÝoìâäÊ7íst™g³Üs7þ*AÅP¡þÕtM£®je’pz'1ì4¿É×mEg,Šž´(3lw¹¬'5¥X-lõ¨íÞ;Û Ýo]á³®F‰å'·e›’1TU¾¦ÉœKäþRSkõ¥$Ä5¯Z¯ŠVÓÀ£úLNdÆ—ÌZQbníØ„;ÝÙø56ÝBJFklø˜{¾6ÖØ5ø‹®–½ÿš3¶k)