Hunter Strategies LLC logo

Microsoft News Tracker

What's more interesting than observing Microsoft?

January 3, 2006

Microsoft issues statement on WMF vulnerability

Posted by David Hunter at 2:09 PM ET.

As mentioned yesterday, a public head of steam is building up around the very serious security vulnerability in Windows’ handling of WMF files. Microsoft attempted to relieve the pressure today with a press release that said hang on, the cavalry will be coming on this month’s regular Patch Tuesday (January 10). The relevant security bulletin was similarly updated. Unsurprisingly, they are not encouraging installation of the unofficial third party developed patch. I guess it’s going to be a race to see if any malefactors come up with an exploit that gets traction before the patch arrives.



Filed under General Business, Patch Tuesday, Public Relations, Security

Related posts:

 

2 Responses to “Microsoft issues statement on WMF vulnerability”

  1. Microsoft News Tracker » Microsoft releases WMF security patch early Says:

    [...] Contrary to it’s earlier statement, Microsoft decided to release a fix today for the flaw in the handling of WMF files that had exposed the security of all recent versions of Windows. According to the Microsoft press release: On Tuesday, Jan. 3, 2006, Microsoft Corp. announced that it would release a security update to help protect customers from exploitations of a vulnerability in the Windows® Meta File (WMF) area of code in the Windows operating system, in response to malicious and criminal attacks on computer users that were discovered last week. [...]

  2. Third party patch released for zero day VML exploit -- Microsoft News Tracker Says:

    [...] There’s another serious zero-day Microsoft security exploit in the wild hitting Internet and Outlook and the citizens are taking matters into their own hands instead of waiting for the Microsoft cavalry. I think I’ve heard this story before. Maybe twice. The twist is now that the citizens are more organized as Ryan Naraine reports at eWeek: A high-profile group of computer security professionals scattered around the globe has created a third-party patch for the critical VML vulnerability as part of a broader effort to provide an emergency response system for zero-day malware attacks. [...]

News Search:

Recent Posts:

Daily Digest Email:

Enter your Email


Powered by FeedBlitz

Categories:

Full category list

Archives:

Archive List

RSS Feed:



HunterStrat Links:

Other:

  • Powered by WordPress.

Advertisements:


 

Related:


Misc: