Both five days early and eight years late, Microsoft released its fix for the WMF vulnerability.
Last week, Microsoft announced it had confirmed there was a problem with all supported versions of Windows. Yesterday, they said the fix was done and was being tested, with a release date of January 10th.
Well, they have released the fix today. Five days early. That's the good news. The bad news is that you've been vulnerable the whole time.
Of course, any vulnerability is a problem only if someone knows about it to exploit it.
But someone did. And this past weekend, when someone released the exploit code to the public, it became an urgent issue. Because it was now much easier for the bad guys to find how to do the voodoo that they do so well.
Anyway, Microsoft appears to have fixed it. And they appear to have completed testing. And they've released it.
If you're running Windows, you might want to consider getting this update.
Or switching to Mac. Or Linux.
Microsoft releases vulnerability patch: opens 8 others.
ReplyDeleteAnd people wonder why I run 3 firewalls.
Bomb Diggity...
ReplyDeleteToday's dose of NIF - News, Interesting & Funny ... It's Stop the ACLU Thursday (+ Open Trackbacks)...
Well, my primary firewall is now a Linux box. Just barely enough Linux core functions to support firewalling and routing, nothing else.
ReplyDeleteBehind that, Three flavors of Windows and one flavor of Linux (although I do try out others from time to time and have started tearing down and rebuilding the Linux stuff).
But since I'm the sysadmin for our lil one-house network, the most advanced encryption available for my lil sub-firewall
outer/wireless box is set to its highest level, and ALL computers are kept at the latest stable patch level, anyway.
Still going to be a primarily Windows house for the foreseeable future as none of my clients operate in a Mac environment, and only ONE is a Linux kinda guy (he only needs hardware support, really, and if he were so inclined, could do without that--heh).
Was late posting about the patch... cos I was busy making sure all my *cough* paying clients had applied it. heh.
Well, at least they released a patch. Now hopefully it shall work.
ReplyDelete