Linked by Thom Holwerda on Wed 4th Jan 2006 22:45 UTC
Windows The saga around the WMF flaw in Windows continues. "A cryptographically signed version of Microsoft's patch for the Windows Metafile vulnerability accidentally leaked onto the Internet late Tuesday, adding a new wrinkle to the company's round-the-clock efforts to stop the flow of malicious exploits. The MSRC (Microsoft Security Response Center) acknowledged that a slip-up caused 'a fast-track, pre-release version of the update' to be posted to a security community site and urged users to 'disregard' the premature update."
Thread beginning with comment 81877
To read all comments associated with this story, please click here.
Too slow...
by CapEnt on Thu 5th Jan 2006 00:07 UTC
CapEnt
Member since:
2005-12-18

What scare me is the fact they are already too late to release this patch.

Reply Score: 1

RE: Too slow...
by Celerate on Thu 5th Jan 2006 02:58 in reply to "Too slow..."
Celerate Member since:
2005-06-29

Isn't that usually the case?

When a security hole becomes public knowledge it's a little late to be getting around to writing a patch. But that happens all to frequently anyway because either the company doesn't know about the problem, or hasn't scheduled time to fix it until there are exploits already in the wild and they realize they can't wait any longer.

Reply Parent Score: 1

RE[2]: Too slow...
by jsight on Thu 5th Jan 2006 03:27 in reply to "RE: Too slow..."
jsight Member since:
2005-07-06

No, that's not always what happens. This issue has been known to MS (and the world) for at least a couple of weeks now, and they still haven't issued a patch.

Red Hat, Novell, etc, would never take that long to issue a patch for an issue with the severity of this one.

Reply Parent Score: 3