WMF patch from Microsoft expected January 10th



The Microsoft security bulletin on the WMF vulnerability has been updated to indicate that Microsoft expects to release an update for the issue in their regular patch release on January 10th. The first couple paragraphs strike me as a bit defensive. Explaining about their immediate mobilization of Incident Response and immediate work on a patch, in addition to the explanation of extensive testing of the patch in 23 languages….


I didnt’ see any reference to the unofficial patch, and didn’t really expect to. There was text to indicate a somewhat downplaying of the current threat. (In my view). Hopefully the patch will be out before it’s use is “widespread” in Microsoft’s view.

–update 1/4/06–
The SecurityFix is reporting on this today. With a suggestion that MS may release a patch sooner than announced given the bad press they’re getting from the announcement. Also, Windows 98 patch outlook does not appear to be good.

Related Posts

Blog Traffic Exchange Related Posts
  • Exploit for Unpatched Internet Explorer vulnerability Well.... buckle your seatbelts it's going to be a bumpy start to the week. the securityfix as well as incidents.org are reporting on exploit code that has been released that takes advantage of an unpatched Internet Explorer vulnerability. According to the Sans institute diary entry... they have tested the exploit......
  • Lotus Notes WMF vulnerability This is really the same zero-day wmf vulnerability, but there is a twist. It's been found that Lotus Notes v. 6.x and up are vulnerable to the Windows Meta File (WMF) exploit that's making the rounds. Probably not surprising given that there are reports of many vectors of attack, not......
  • Microsoft Update day for September.... AND Flash... AND Apple Yesterday, of course, Microsoft released it's monthly patches. I found the Windows update site to be painfully slow (and in some cases unresponsive.) It wasn't quite a huge update day by recent standards, but here's the summary.... Incidents.org has a nice chart showing the two re-released patches (one is actually......
Blog Traffic Exchange Related Websites
  • Prosper Update Enhances the Legal Enforceability of Promissory Notes There was a Prosper update last night.   Nothing that was completely unexpected... The one thing that struck me as interesting was that borrower's are now required to sign the promissory notes themselves...  Before the process had been that Prosper was authorized to sign on their behalf...  The part that struck......
  • Updating Daylight Savings Time (Microsoft "Cancel or Allow") I just woke up and remembered that it was the new updated daylight savings time. Since I'm Lazy, I didn't install the patch on my computers for the daylight savings headache. I thought it would be a quick and easy download. I should have known better. I was given the......
  • How to Install a Window Air Conditioner the Right Way As summer approaches, those of us without central air are getting ready to go through the annual ritual of installing our window air conditioners. However, were you aware that a bad installation can actually raise your electricity costs and make it harder to say cool? Here are some tips to......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site