Microsoft Releases Fix for WMF Vulnerability Early
This just in...The Redmond, Washington softare giant Microsoft originally announced patches for the so-called WMF vulnerability were to be expected no earlier than the 10th of January, 2006. But this move didn't sit well with many users of the company's Windows operating system. As covered in stories at ZDNet and Information Week, the Windows Meta File (WMF) vulnerability is especially dangerous and existing workarounds considered "weak at best."
Official word from Microsoft execs was for users to simply wait for the the fix to be made available on the next regularly scheduled security patch cycle release on January 10th. But the lag between the December 27th discovery of the vulnerability and the proposed January 10th release of a patch left a sour taste in the mouths of many corporate data center operators.
Security think-tank and advisory clearinghouse SysAdmin, Audit, Network, Security (SANS) Instititute took the unprecidented step Tuesday, recommending affected users download a non-official patch ( available here ) from a trusted security researcher.
Following the Inadvertant release of a beta patch yesterday, the company has decided to move up the release of the patch that fixes the WMF vulnerability.
More details can be found at the Microsoft Security Bulletin Advance Notification page.
0 Comments:
Post a Comment
<< Home