[pmwiki-users] WMF vulnerability in Windows systems

Robin robin at kallisti.net.nz
Sun Jan 1 22:13:39 CST 2006


On Monday 02 January 2006 17:00, Patrick R. Michaud wrote:
> There are literally millions of Windows systems vulnerable to this
> exploit, and Microsoft has not yet provided a patch.
Apparently they are providing a hotfix for this, as the next Patch Tuesday 
is a while away I think. In the interim, Windows users should either 
avoid using IE (preferably for good ;) or do the DLL unregistering trick 
on that SANS page. This may have minor side-effects, but stops the 
vulnerable code from executing. (Or install Linux:)

Whoever thought it was a good idea to design a file format that is a 
collection of GDI invocations allowing callbacks deserves to be slapped 
about with a wet trout anyway.

-- 
Robin <robin at kallisti.net.nz> JabberID: <eythian at jabber.kallisti.net.nz>

Hostes alienigeni me abduxerunt. Qui annus est?

PGP Key 0xA99CEB6D = 5957 6D23 8B16 EFAB FEF8  7175 14D3 6485 A99C EB6D
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/pmwiki-users/attachments/20060102/c05cd575/attachment.bin 


More information about the pmwiki-users mailing list