Windows Metafile Exploit

  Wuggy 00:13 04 Jan 2006
Locked

This recently discovered exploit has been well documented in this and other forums. Microsoft do not intend to release a patch until next Tuesday 10th. at the earliest. Meanwhile the number of sites with a specially formed WMF file to take advantage of this exploit is rapidly increasing and several trojans are now in circulation. If anyone is intending to download and install the 'unofficial patch' created by Ilfak Guilfanov you will be unable to do as the hexblog.com domain has been suspended due to the huge volume of traffic. Anyone looking for this patch can download it from Steve Gibson's web site at click here
I have installed this patch on my own pc running XP SP2 with no ill effect. It can be removed via Control Panel/Add Remove programs. So when Microsoft eventually get their corporate fingerr out and release an official patch the unofficial one can be uninstalled prior to installing the new one.

  Skyver 00:20 04 Jan 2006

Thanks very much for that.

  Forum Editor 00:29 04 Jan 2006

when their patch has been thoroughly tested - and they have confirmed this will be on 10th January. They know that if they were to release an untested patch and something went wrong they would be exposed to the usual avalanche of criticism - they've fallen foul of this before, and I don't think they're about to make the same mistake again.

At least one respected security source is advising against jumping the gun - Sophos senior security consultant Carole Theriault advised businesses not to install the unofficial patch. "We wouldn't recommend it, for testing reasons," she said.

She's right - I have advised all my clients to wait for the tested Microsoft patch. There's absolutely no need for panic to set in over this. Let commonsense be your guide, rather than knee-jerk paranoia.

  Wuggy 00:47 04 Jan 2006

Whilst I appreciate your concern that Microsoft thoroughly test their intended patch prior to release what happens to the poor souls whose machines become infected while they wait another week for a patch.
Carole Theriault may be advising businesses not to install Ilfak Guilfanov's patch but there are many more equally as eminent people in the PC security world wjo are urging just the opposite. I would refer you to the News aeticle by Peter Sayer on your own web site click here

  J B 10:29 04 Jan 2006

Hi Guys, couldn't help but reading this post,so if you would go to click here There will be extensive information on the WMF Exploit and how to work around the problem until Microsoft pulls it's corporate finger out as the forum editor puts it. Also this website has some real good information on other subjects, so it's worth at least a bookmark. Well I think so anyway. J.B.

  woodchip 10:40 04 Jan 2006

I suggest you all have a Read at This "Lots of bad advice for critical WMF vulnerability!"
BEFORE YOU DO ANYTHING.

click here

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Best phone camera 2017

Stunning new film posters by Hattie Stewart, Joe Cruz & more

iPad Pro 10.5in (2017) review

28 astuces pour profiter au mieux de votre iPhone