Official WMF exploit patch leak
It looks like, the Windows patch (or a beta) for the WMF exploit has been leaked online. It sounds as though Steve Gibson got a hold of a copy and has tested it along side the unofficial patch. All seems to go well. He notes that the build date was December 28th. So, they have been on it since very early on. That’s reassuring. It would be nice if their testing process could be a bit streamlined though.
I do wonder about the “leaking” of the patch – Microsoft officialy recommends against trying it. (I would too – stick with the unofficial patch until the new update is ready.) I wonder a) what kind of testing structure they’re putting it through and b) what the harm would be after doing initial testing to make sure it didn’t cause crash/burning/”oh the humanity” release an early version through a registered hotfix download. (Let people give contact information, receive a download link and then follow up with did it work, what problems/etc?) (Of course give appropriate disclaimers as well…)
I’ve heard references that it might come out earlier than Tuesday, but I think that was just speculation.
Popularity: 1% [?]
Related Posts - WMF exploit unofficial patch Sans is talking about the unofficial patch for the WMF vulnerability. One of their handlers has helped with it to extend it to work on XP SP 1 and Windows 2000. They've also looked at the patch thoroughly and it sounds as though it's very well done. We want to......
- Hexblog (WMF unofficial patch) back up Yesterday the hexblog, which is the site of the person that wrote the unofficial patch for the WMF exploit, was offline for bandwidth over use. Several mirror sites popped up to host the patch. Today the site is back up at http://www.hexblog.com/ in a more minimal form. It's suggested if......
- WMF patch from Microsoft expected January 10th The Microsoft security bulletin on the WMF vulnerability has been updated to indicate that Microsoft expects to release an update for the issue in their regular patch release on January 10th. The first couple paragraphs strike me as a bit defensive. Explaining about their immediate mobilization of Incident Response and......
Related Websites - Download Microsoft Windows 7 RC Hi Folks, Microsoft has released Windows 7 RC. Here's what you need to know: This is pre-release software, so please read the following to get an idea of the risks and key things you need to know before you try the RC. You don't need to rush to get the......
- Find Out What it Takes to Create Your Personal Brand with Social Media Producing a successful personal brand is an outcome that all business owners want to achieve. This is because ultimately that's how you make an impact on your target audience. However, when it comes to producing your brand via social media, a lot of people usually become confused. So how do......
- Best Registry Cleaner for Windows Xp The search for the best registry cleaner for windows xp might be sometimes difficult because of the numerous options that are currently available on the market. The best thing you can do in order to get informed on the registry cleaners is to browse the internet in search for forums,......
Similar Posts
- WMF unofficial patch updated
- WMF patch from Microsoft expected January 10th
- WMF exploit unofficial patch
- Microsoft releases official VML patch!!
- Microsoft releases patch early for WMF exploit
January 4th, 2006 at 4:47 pm
Leaked “Official” patch
Looks like a Microsoft patch for the WMF exploit has been leaked . Steve Gibson alludes to it’s presence on the web.
On many levels this bothers me – I can see there being an underground explosion in “fake” &#…