WMF patch from Microsoft expected January 10th



The Microsoft security bulletin on the WMF vulnerability has been updated to indicate that Microsoft expects to release an update for the issue in their regular patch release on January 10th. The first couple paragraphs strike me as a bit defensive. Explaining about their immediate mobilization of Incident Response and immediate work on a patch, in addition to the explanation of extensive testing of the patch in 23 languages….


I didnt’ see any reference to the unofficial patch, and didn’t really expect to. There was text to indicate a somewhat downplaying of the current threat. (In my view). Hopefully the patch will be out before it’s use is “widespread” in Microsoft’s view.

–update 1/4/06–
The SecurityFix is reporting on this today. With a suggestion that MS may release a patch sooner than announced given the bad press they’re getting from the announcement. Also, Windows 98 patch outlook does not appear to be good.

Related Posts

Blog Traffic Exchange Related Posts
  • Exploit for Unpatched Internet Explorer vulnerability Well.... buckle your seatbelts it's going to be a bumpy start to the week. the securityfix as well as incidents.org are reporting on exploit code that has been released that takes advantage of an unpatched Internet Explorer vulnerability. According to the Sans institute diary entry... they have tested the exploit......
  • WMF exploit unofficial patch Sans is talking about the unofficial patch for the WMF vulnerability. One of their handlers has helped with it to extend it to work on XP SP 1 and Windows 2000. They've also looked at the patch thoroughly and it sounds as though it's very well done. We want to......
  • Lawsuit to block the release of Windows Vista? Betanews.com is reporting on a move by a public interest lawyer (who is running as a Republican for the Governors Office of Illinois) who is attempting to block the distribution of Windows Vista. He intends to ask Microsoft for an unconditional warranty that the operating system is free from major......
Blog Traffic Exchange Related Websites
  • Microsoft Office 2008 12.2.5 Update for Mac OS X Microsoft has released security bulletin MS10-038. This security bulletin contains all the relevant information about the security updates for Microsoft Office 2008 for Mac OS X.  To view the complete security bulletin, visit the following Microsoft website: http://www.microsoft.com/technet/security/bulletin/ms10-038.mspx This update improves security. It includes fixes for vulnerabilities that an attacker......
  • Conflicker - I mean, seriously If you don't already know, conflicker is a worm that exploits a buffer overflow in the windows server service.  The worm is wiley - there are several hundred variants and it is difficult to know how widespread it is.  You can find more info on the Wiki or on the......
  • Updating Daylight Savings Time (Microsoft "Cancel or Allow") I just woke up and remembered that it was the new updated daylight savings time. Since I'm Lazy, I didn't install the patch on my computers for the daylight savings headache. I thought it would be a quick and easy download. I should have known better. I was given the......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site