Another day, another WMF vulnerability
Actually, two of them. Fortunately, this new set of vulnerabilities, discovered only days after
Microsoft released a patch for the recently-discovered and very dangerous previous WMF
vulnerability, is much less serious. Rather than allowing an attacker to execute arbitrary code on your system,
these two new vulnerabilities only allow a malicious person to crash the viewer, e.g. Internet Explorer, ...

Rather than waiting until Tuesday to release a patch for the much-publicized WMF vulnerability as most had
anticipated, Microsoft got its act together and released an official patch yesterday. You can download the patch from Microsoft here or
from Windows Update. Unfortunately, there's no patch for Windows NT and Windows 2000 (pre-SP4) users or Windows 98/ME
users who, Microsoft claims, aren't ...

The SANS Internet Storm Center has posted an FAQ about the
WMF exploit that has been making the rounds lately. It says that all versions of Windows are affected and that even
if you don't use Internet Explorer you may not be protected. On the ISC blog, Tom Liston writes, "This is a bad situation that will only
get worse. The very best response that our collective wisdom can create is contained ...





