Page 2 of 2 FirstFirst 12
Results 16 to 20 of 20

Thread: The WMF 0-day

  1. #16
    Junior Member sydspirit's Avatar
    Join Date
    Apr 2004
    Location
    The Ether
    Posts
    28

    MIcrosoft update for WMF exploit

    Last Updated: 2006-01-03 13:52:41 UTC by Scott Fendley

    Microsoft updated its advisory (KB 912840) this morning with the below information. For those in academic environments, this may actually work in your favor as students will be coming back after the supposed release date.



    For corporate environments, IT Staffers are going to have to make a risk assessment. What would be cost to your company if you are compromised between now and January 10 if the update is released as mentioned? Can you really afford to do nothing? Are you willing to gamble that unregistering the dll is sufficient or do you go with defense in depth and apply the unofficial patch? You make the choice.




    'Microsoft has completed development of the security update for the vulnerability. The security update is now being localized and tested to ensure quality and application compatibility. Microsoft's goal is to release the update on Tuesday, January 10, 2006, as part of its monthly release of security bulletins. This release is predicated on successful completion of quality testing.

    The update will be released worldwide simultaneously in 23 languages for all affected versions of Windows once it passes a series of rigorous testing procedures. It will be available on Microsoft's Download Center, as well as through Microsoft Update and Windows Update. Customers who use Windows' Automatic Updates feature will be delivered the fix automatically.

    Based on strong customer feedback, all Microsoft's security updates must pass a series of quality tests, including testing by third parties, to assure customers that they can be deployed effectively in all languages and for all versions of the Windows platform with minimum down time.

    Microsoft has been carefully monitoring the attempted exploitation of the WMF vulnerability since it became public last week, through its own forensic capabilities and through partnerships within the industry and law enforcement. Although the issue is serious and malicious attacks are being attempted, Microsoft's intelligence sources indicate that the scope of the attacks are not widespread."

    ..............................courtesy of SANS

  2. #17
    Junior Member sydspirit's Avatar
    Join Date
    Apr 2004
    Location
    The Ether
    Posts
    28
    Microsoft has issued the patch early........

    Security Update for Windows XP (KB912919)
    Date last published: 1/5/2006
    Typical download size: 196 KB
    A remote code execution security issue has been identified in the Graphics Rendering Engine that could allow an attacker to remotely compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.
    System Requirements
    Recommended CPU: Not specified.
    Recommended memory: Not specified.
    Recommended hard disk space: Not specified.
    How to Uninstall
    This software update can be removed via Add or Remove Programs in Control Panel.

    OOPS.....I am a little slow with this. But I am going to wait for this to shake-down before installing it.
    Last edited by sydspirit; January 5th, 2006 at 22:14 PM.

  3. #18
    Head Honcho Administrator Reverend's Avatar
    Join Date
    Apr 2002
    Location
    England
    Posts
    14,047

    =========== Please Read The Forum Rules ===========

  4. #19
    Junior Member sydspirit's Avatar
    Join Date
    Apr 2004
    Location
    The Ether
    Posts
    28
    Once again I am a day late and a dollar short........

  5. #20
    Super Moderator Super Moderator Big Booger's Avatar
    Join Date
    Apr 2002
    Location
    JAPAN
    Posts
    10,339
    http://www.grc.com/wmf/wmf.htm

    THere's a test to see if you are vulnerable.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •