Official WMF exploit patch leak



It looks like, the Windows patch (or a beta) for the WMF exploit has been leaked online. It sounds as though Steve Gibson got a hold of a copy and has tested it along side the unofficial patch. All seems to go well. He notes that the build date was December 28th. So, they have been on it since very early on. That’s reassuring. It would be nice if their testing process could be a bit streamlined though.


I do wonder about the “leaking” of the patch – Microsoft officialy recommends against trying it. (I would too – stick with the unofficial patch until the new update is ready.) I wonder a) what kind of testing structure they’re putting it through and b) what the harm would be after doing initial testing to make sure it didn’t cause crash/burning/”oh the humanity” release an early version through a registered hotfix download. (Let people give contact information, receive a download link and then follow up with did it work, what problems/etc?) (Of course give appropriate disclaimers as well…)

I’ve heard references that it might come out earlier than Tuesday, but I think that was just speculation.

Related Posts

Blog Traffic Exchange Related Posts
  • WMF exploit unofficial patch Sans is talking about the unofficial patch for the WMF vulnerability. One of their handlers has helped with it to extend it to work on XP SP 1 and Windows 2000. They've also looked at the patch thoroughly and it sounds as though it's very well done. We want to......
  • Third Party WMF patch The F-secure blog is reporting on a third party patch for the WMF exploit. I have not tested it, it seems to come from a knowledgable source though. As I'm writing this though, the thought strikes me that a really nasty trick would be a claimed fix that actually exploited......
  • Hexblog (WMF unofficial patch) back up Yesterday the hexblog, which is the site of the person that wrote the unofficial patch for the WMF exploit, was offline for bandwidth over use. Several mirror sites popped up to host the patch. Today the site is back up at http://www.hexblog.com/ in a more minimal form. It's suggested if......
Blog Traffic Exchange Related Websites
  • Download Microsoft Windows 7 RC Hi Folks, Microsoft has released Windows 7 RC. Here's what you need to know: This is pre-release software, so please read the following to get an idea of the risks and key things you need to know before you try the RC. You don't need to rush to get the......
  • Find Out What it Takes to Create Your Personal Brand with Social Media Producing a successful personal brand is an outcome that all business owners want to achieve. This is because ultimately that's how you make an impact on your target audience. However, when it comes to producing your brand via social media, a lot of people usually become confused. So how do......
  • Windows Vista SP2: 6 Things You Need to Know Windows Vista Service Pack 2 is set to be released as a public beta version Thursday, Microsoft has confirmed. The program, which has been under limited testing since October, will become available on the Microsoft TechNet site. Here's what you need to know before making the upgrade. Vista Service Pack......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

One Response to “Official WMF exploit patch leak”

  1. The PC Doctor Says:


    Leaked “Official” patch

    Looks like a Microsoft patch for  the WMF exploit has been leaked .  Steve Gibson  alludes to it’s presence on the web.
    On many levels this bothers me – I can see there being an underground explosion in “fake” &#…


Switch to our mobile site