Linked by Thom Holwerda on Wed 4th Jan 2006 22:45 UTC
Windows The saga around the WMF flaw in Windows continues. "A cryptographically signed version of Microsoft's patch for the Windows Metafile vulnerability accidentally leaked onto the Internet late Tuesday, adding a new wrinkle to the company's round-the-clock efforts to stop the flow of malicious exploits. The MSRC (Microsoft Security Response Center) acknowledged that a slip-up caused 'a fast-track, pre-release version of the update' to be posted to a security community site and urged users to 'disregard' the premature update."
Thread beginning with comment 81963
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Important notice
by Marcellus on Thu 5th Jan 2006 05:23 UTC in reply to "Important notice"
Marcellus
Member since:
2005-08-26

Also note that, according to the SANS ISC, unregistering the dll is not a 100% sure protection, because malware may re-register it.

In the same way that malware can re-register the dll, they can patch it in memory like the unofficial patch does, and still screw you over.

Reply Parent Score: 1