WMF unofficial patch updated



There’s been an update to the unofficial patch for the WMF (Windows MetaFile) vulnerability. The main change appears to be some options to allow for quiet installation (unattended) to help administrators in large environments try to roll the patch out in automated login scripts/etc.

It can be found here or at the incidents.org site.


My biggest question at this point is how long before Microsoft releases a patch and how similar it will be to the unofficial patch. I’m sure they want to do some quality control testing on anything they release so it’s thoroughly tested, but…. I would have thought with a severe problem they might have published a “this should solve the problem but it may have other unintended consequences” stopgap.

Hopefully there will be an official patch this week, but don’t hold your breath.

I saw someone comment that Microsoft should pay the “unofficial patcher…” to incorporate his fix into theirs. You would think that his work would make what they’re trying to do easier. One thing though, Microsoft has traditionally seemed slow to swallow it’s pride and accept anything from outside their walls as a good thing. It’s going to be an interesting week or two, no doubt….

Related Posts

Blog Traffic Exchange Related Posts
  • Official WMF exploit patch leak It looks like, the Windows patch (or a beta) for the WMF exploit has been leaked online. It sounds as though Steve Gibson got a hold of a copy and has tested it along side the unofficial patch. All seems to go well. He notes that the build date was......
  • Windows 98 WMF patch This hopefully will be my last post on the whole WMF exploit stuff.... It's prompted in part by a comment on one of the articles on Windows 98 and the vulnerability. I realized that I hadn't really brought things to a full conclusion for the Windows 98 users. Of course,......
  • Microsoft vulnerability whack-a-mole continues..... Translation - Microsoft patched one vulnerability another surfaces.... Incidents.org brings us the frustrating news.... If you remember the month of browser bugs series of exploits back in July, there was a denial of service there that appears to have code execution after all. Coincidence or not, it got publicly released......
Blog Traffic Exchange Related Websites
  • Weekly Round-Up: Post Holiday Sickness Edition Well, it's official: I'm sick.  I probably shouldn't be too surprised; Sondra was sick most of the week after Christmas (with me serving as designated caretaker/tea maker) and when she was feeling better, I went out to see my mother and sisters, who were just getting over their own illness......
  • Microsoft to Improve User Access Control in Windows 7 I was just reading a Slashdot article about Microsoft improving User Access Control (UAC) in Windows 7. In the cited PC Pro article, Microsoft engineer Ben Fathi says: We've heard loud and clear that you are frustrated. You find the prompts too frequent, annoying, and confusing. We still want to......
  • Another Great Week Reading My Fellow PF Bloggers Pinyo at Moolanomy (where I also frequent the Answers section) published What Is Your Credit Card Philosophy? where he discussed the different aspects of credit card that you should pay attention to, and his philosophy on cards which pretty much mirrors my own. Johnathan Mead who is the person behind......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site