«
»

WMF patch from Microsoft expected January 10th



The Microsoft security bulletin on the WMF vulnerability has been updated to indicate that Microsoft expects to release an update for the issue in their regular patch release on January 10th. The first couple paragraphs strike me as a bit defensive. Explaining about their immediate mobilization of Incident Response and immediate work on a patch, in addition to the explanation of extensive testing of the patch in 23 languages….


I didnt’ see any reference to the unofficial patch, and didn’t really expect to. There was text to indicate a somewhat downplaying of the current threat. (In my view). Hopefully the patch will be out before it’s use is “widespread” in Microsoft’s view.

–update 1/4/06–
The SecurityFix is reporting on this today. With a suggestion that MS may release a patch sooner than announced given the bad press they’re getting from the announcement. Also, Windows 98 patch outlook does not appear to be good.

Popularity: 1% [?]

Create PDF    Send article as PDF   
Blog Traffic Exchange Related Posts
  • Microsoft releases patch early for WMF exploit Microsoft has released the patch for the WMF vulnerability that's been all over the news early. It was released to http://windowsupdate.microsoft.com ahead of the previously announced January 10th "patch Tuesday". Congrats to Microsoft for getting this out the door early. That should go a long ways to blunting the attacks......
  • Lotus Notes WMF vulnerability This is really the same zero-day wmf vulnerability, but there is a twist. It's been found that Lotus Notes v. 6.x and up are vulnerable to the Windows Meta File (WMF) exploit that's making the rounds. Probably not surprising given that there are reports of many vectors of attack, not......
  • Another Win98 patch for WMF vulnerability There's another patch for those Win98 users that are nervous about the WMF vulnerability that was announced at the tail end of the year. This site has made the patched version of gdi32.dll available to any and all. Their patch is open source. They basically say "it works for them..."......
Blog Traffic Exchange Related Websites
  • Conflicker - I mean, seriously If you don't already know, conflicker is a worm that exploits a buffer overflow in the windows server service.  The worm is wiley - there are several hundred variants and it is difficult to know how widespread it is.  You can find more info on the Wiki or on the......
  • Microsoft Office 2008 12.2.5 Update for Mac OS X Microsoft has released security bulletin MS10-038. This security bulletin contains all the relevant information about the security updates for Microsoft Office 2008 for Mac OS X.  To view the complete security bulletin, visit the following Microsoft website: http://www.microsoft.com/technet/security/bulletin/ms10-038.mspx This update improves security. It includes fixes for vulnerabilities that an attacker......
  • Updating Daylight Savings Time (Microsoft "Cancel or Allow") I just woke up and remembered that it was the new updated daylight savings time. Since I'm Lazy, I didn't install the patch on my computers for the daylight savings headache. I thought it would be a quick and easy download. I should have known better. I was given the......

Similar Posts


This entry was posted on Tuesday, January 3rd, 2006 at 10:28 am and is filed under Computers, Security, Tech Support, Windows. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.

See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.

Switch to our mobile site