Everybody has probably heard about the WMF-related bug that creates a critical hole in Windows. But what is this vulnerability, how does it work, what systems are affected and what can you do about it ? Computerworld's Angela Gunn has put together an interesting and extensive WMF FAQ: What you need to know.
Most people will agree that Microsoft did not handle this problem very well. First, this patch would be available on Jan. 10 (while security experts recommended the installation of an official patch), then a preliminary version of that patch leaked out "by mistake" (although it is an interesting alternative to beta reviews), and then Microsoft realized that it could not wait any longer and made the patch available on Jan. 5.
The official security bulletin and the patch can be found at Microsoft Security Bulletin MS06-001: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution.
Posted by admin at January 5, 2006 11:29 PM