WMF vulnerability advisory update



Microsoft has updated their security bulletin on the WMF vulnerability to note a couple things. One, they acknowledge that embedded images within a document can trigger the exploit. Previously they said this needed further investigation. Second, they are seconding what I’ve been finding that Windows 98 and other pre-XP systems are not as critically at risk for this vulnerability….


Although Windows 98, Windows 98 Second Edition, and Windows Millennium Edition do contain the affected component, at this point in the investigation, an exploitable attack vector has not been identified that would yield a Critical severity rating for these versions. Per the support life cycle of these versions, only vulnerabilities of Critical severity would receive security updates. For more information about the security update support policy for these versions of Windows, visit the following Web site.

Unfortunately it’s their reason for not issuing a fix for those platforms, which mens the second unofficial patch mentioned earlier today from an antivirurs company may be the only patch those systems get.

It’s not comforting that they will not release an update because it’s not critical. If you recall there was a recent 0-day explorer exploit that was a variation on an earlier known vulnerability that originally was not deemed critical.

Related Posts

Blog Traffic Exchange Related Posts
  • Wireless Driver Vulnerabilities There are a couple notes to pass along with regards to some pretty serious vulnerabilities in various wireless network adapter drivers. First, Sans has information on some Intel Centrino updates that resolve some vulnerabilities that would affect the Windows Centrino driver and the ProSet management software. F-secure chimes in on......
  • I've NEVER liked UPNP.... now I have another reason.... I remember the first Windows XP vulnerability was a Upnp vulnerability. I have made one of my first visits on any new XP system a visit to grc.com to disable it on an XP workstation. But, it's the great thing - makes life so much easier for setting up network......
  • System patching 0-days and ancient-day vulnerabilities There's a good article at Michael Sutton's Blog which points out something that really makes sense and I think many people are aware of, but with all the buzz that a new previously undisclosed vulnerability has, we forget. The point is this, there are plenty of machines online vulnerable to......
Blog Traffic Exchange Related Websites
  • PwnageTool and Redsn0w released to untether jailbreak iOS 4.3.1 Sunday us surely a Funday! iPhone Dev Team has released updated versions of PwnageTool and Redsn0w which give untethered jailbreak for iPhone / iPod Touch / iPad 1 on iOS 4.3.1. The release also jailbreaks Apple TV on iOS 4.3.1. But iPad 2 is not supported yet. Comex is still......
  • Determining the Best Age to Start Social Security Many baby boomers are in the home stretch toward retirement and thinking about what will be the best age for them to claim Social Security retirement benefits.  I have already written about this issue from several different angles but I thought it would make sense to pull all of that......
  • Antioch Marina, Antioch, CA Antioch Marina is located in: Antioch, CA Phone: (925) 779-6957 Boat Launch: Yes, this facility does offer a boat launch. Berth Fees: - Open berths: $5.50 per foot per month. - Covered berths: $7.00 per foot per month "Charges are for the length of the berth, or the length of......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site