Linked by Thom Holwerda on Wed 4th Jan 2006 22:45 UTC
Windows The saga around the WMF flaw in Windows continues. "A cryptographically signed version of Microsoft's patch for the Windows Metafile vulnerability accidentally leaked onto the Internet late Tuesday, adding a new wrinkle to the company's round-the-clock efforts to stop the flow of malicious exploits. The MSRC (Microsoft Security Response Center) acknowledged that a slip-up caused 'a fast-track, pre-release version of the update' to be posted to a security community site and urged users to 'disregard' the premature update."
Thread beginning with comment 81975
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Well done
by Celerate on Thu 5th Jan 2006 05:51 UTC in reply to "Well done"
Celerate
Member since:
2005-06-29

"Just make the patch, test it slightly so it don't breaks the basic functions of the OS, release it to protect your users"

As long as they make it optional. I can go a while without browsing untrusted sites in Windows (or I could just use Linux) and would rather that than having things break because of the patch. I'm sure sysadmins for big companies would really appreciate having the WMF hole patched at the expense of breaking other parts of the OS and having users complain to them all day, they may even get fired for fixing a problem most ignorant users were oblivious to at the expense of bringing up several other problems that those users aren't so oblivious to.

Early access for those who want it is fine, as long as the experimental patches are deselected by default and labeled as experimental on the Windows update site.

Reply Parent Score: 2