On TechRepublic: Five super-secret features in Windows 7
BNET Business Network:
BNET
TechRepublic
ZDNet

January 3rd, 2006

Alternative sites for the WMF patch and Microsoft's response to the exploit

Posted by Suzi Turner @ 10:24 pm

Categories: General

Tags:

It seems that Ilfak Guilfanov’s site is down due to excessive bandwidth use.  Ilfak Guilfanov is the programmer who has created an unofficial patch for the WMF exploit, and perhaps the only reliable method of prevention right now. The patch is now available at SunbeltBLOG and at security site CastleCops thanks to Paul and Robin Laudanski.  The Hotfix checker can be found at both sites as well. CastleCops has set up a support forum and Ilfak himself is providing assistance there.

Btw, if you’re wondering who Ilfak Guilfanov is, he’s said to be a brilliant programmer and is the main developer of IDA Pro from DataRescue. I thank him for this patch.

So now the holidays are over and the folks in Redmond are back to work. What is Microsoft saying about the WMF exploit? 

Although the issue is serious and the attacks are being attempted, Microsoft’s intelligence sources indicate that the scope of attacks is limited.

SANS handler Tom Liston takes great exception to Microsoft’s response. Read Oxy-morons.

"…Microsoft’s intelligence sources…"?!?

Go ahead and laugh.  I’ll wait.

Through?  O.K.

While all of the rest of us were sleeping, it appears that the propeller-heads working on Billy Wonka’s Official Microsoft Research and Development Team have been hard at work creating a crystal ball capable of foretelling the future.  The only problem: it appears that they made it from rose-colored crystal.

SANS has posted PDF and PowerPoint files showing how the WMF exploit works and why you should use the patch. Microsoft says they offer free 24-hour phone support for security-related problems. If you’ve been infected by this exploit, I’d suggest calling Microsoft.  No-Charge Support 1-866-PCSAFETY or 1-866-727-2338.

Is this exploit being overblown? Perhaps, but I tend to think not. We’ll know only in retrospect. Is Microsoft under-reacting? Perhaps so. Last year this time, we saw the Windows Media Player exploits and Microsoft danced around that one for a long time before issuing a proper fix.

But then one has to wonder — Is Microsoft damned if they do and damned if they don’t?  I think the answer to that is a resounding Yes.

  • Talkback
  • Most Recent of 4 Talkback(s)
Beats me why the pundits are looking for a whiteout!  Jiim_z | 01/04/06
Not overblown  Sxooter_z | 01/04/06
Your blind to the facts and have succombed to the hype  bob2cam | 01/05/06
RE: Alternative sites for the WMF patch and Microsoft's response to the exploit  hhh_forums | 05/04/08

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Recent Entries

advertisement

Archives

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

Enterprise Applications

  • Check out some of the easiest and most powerful ways to boost productivity while saving money on your application infrastructure. See ZDNet's comprehensive Enterprise Application resource center, now!
  • New Online Dashboard
  • Read about top issues IT decision-makers face every day, plus get cost effective solutions to real life IT problems. Oracle Topline