WMF unofficial patch updated



There’s been an update to the unofficial patch for the WMF (Windows MetaFile) vulnerability. The main change appears to be some options to allow for quiet installation (unattended) to help administrators in large environments try to roll the patch out in automated login scripts/etc.

It can be found here or at the incidents.org site.


My biggest question at this point is how long before Microsoft releases a patch and how similar it will be to the unofficial patch. I’m sure they want to do some quality control testing on anything they release so it’s thoroughly tested, but…. I would have thought with a severe problem they might have published a “this should solve the problem but it may have other unintended consequences” stopgap.

Hopefully there will be an official patch this week, but don’t hold your breath.

I saw someone comment that Microsoft should pay the “unofficial patcher…” to incorporate his fix into theirs. You would think that his work would make what they’re trying to do easier. One thing though, Microsoft has traditionally seemed slow to swallow it’s pride and accept anything from outside their walls as a good thing. It’s going to be an interesting week or two, no doubt….

Related Posts

Blog Traffic Exchange Related Posts
  • WMF patch from Microsoft expected January 10th The Microsoft security bulletin on the WMF vulnerability has been updated to indicate that Microsoft expects to release an update for the issue in their regular patch release on January 10th. The first couple paragraphs strike me as a bit defensive. Explaining about their immediate mobilization of Incident Response and......
  • Update on the Internet Explorer VML vulnerability Just catching up on the days VML vulnerability news from today.... It looks as though... the exploit is now MUCH more widespread this blog has some video of an infection, what's notable is that the first take was VERY UNEVENTFUL, it was used to stealthily install a keylogger. (So that......
  • Official WMF exploit patch leak It looks like, the Windows patch (or a beta) for the WMF exploit has been leaked online. It sounds as though Steve Gibson got a hold of a copy and has tested it along side the unofficial patch. All seems to go well. He notes that the build date was......
Blog Traffic Exchange Related Websites
  • Spyware: The New Annoying Threat A friend called me one day, frustrated out of his mind that his computer was acting very strange.  When he opened his Internet Explorer, it sent him to a strange site and pop-up windows kept covering his screen.  He even complained about the performance of his Intel Pentium 4 computer......
  • Windows 7 Sales Spike to Overtake Mac OS X [/caption]Proving there is no accounting for taste Microsoft’s latest attempt at a decent operating system, Windows 7, is now running on 5% of the computers online.  The daily average of online users as measured by Internet metrics company Net Applications showed that an increase last week put Windows 7 above......
  • Microsoft to Improve User Access Control in Windows 7 I was just reading a Slashdot article about Microsoft improving User Access Control (UAC) in Windows 7. In the cited PC Pro article, Microsoft engineer Ben Fathi says: We've heard loud and clear that you are frustrated. You find the prompts too frequent, annoying, and confusing. We still want to......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site