WMF patch from Microsoft expected January 10th



The Microsoft security bulletin on the WMF vulnerability has been updated to indicate that Microsoft expects to release an update for the issue in their regular patch release on January 10th. The first couple paragraphs strike me as a bit defensive. Explaining about their immediate mobilization of Incident Response and immediate work on a patch, in addition to the explanation of extensive testing of the patch in 23 languages….


I didnt’ see any reference to the unofficial patch, and didn’t really expect to. There was text to indicate a somewhat downplaying of the current threat. (In my view). Hopefully the patch will be out before it’s use is “widespread” in Microsoft’s view.

–update 1/4/06–
The SecurityFix is reporting on this today. With a suggestion that MS may release a patch sooner than announced given the bad press they’re getting from the announcement. Also, Windows 98 patch outlook does not appear to be good.

Related Posts

Blog Traffic Exchange Related Posts
  • Microsoft releases official VML patch!! The big news this afternoon is that Microsoft HAS gone out of the routine patch cycle to release a security fix for the VML vulnerability that's been actively exploited in recent days for everything from sneak keylogger installs to massive spyware installs. Sans has a few links, if you de-registered......
  • Exploit for Unpatched Internet Explorer vulnerability Well.... buckle your seatbelts it's going to be a bumpy start to the week. the securityfix as well as incidents.org are reporting on exploit code that has been released that takes advantage of an unpatched Internet Explorer vulnerability. According to the Sans institute diary entry... they have tested the exploit......
  • WMF exploit unofficial patch Sans is talking about the unofficial patch for the WMF vulnerability. One of their handlers has helped with it to extend it to work on XP SP 1 and Windows 2000. They've also looked at the patch thoroughly and it sounds as though it's very well done. We want to......
Blog Traffic Exchange Related Websites
  • Download Windows Server 2008 & Vista SP2 Microsoft released Windows Server 2008 and Windows Vista: Service Pack 2 on 26th May. I earlier had Windows Vista Ultimate: Service Pack 1 on my Dell Lappy. I upgraded it to SP2. Here's a screeny: Before installing, here are few things you need to know: Prerequisites If you have any......
  • Windows 8 Too Late for Business? Today's article is brought to you by Sachin from webprofits. We have seen Apple take big strides in the consumer market in recent years. We have seen the release of Chromebooks, and the big impact they are having in the USA, and particularly with schools. Apple is expensive and people......
  • Conflicker - I mean, seriously If you don't already know, conflicker is a worm that exploits a buffer overflow in the windows server service.  The worm is wiley - there are several hundred variants and it is difficult to know how widespread it is.  You can find more info on the Wiki or on the......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site