Ipso Facto Comic

Zero Income Tax and Zero Payroll Tax

Opera: simply the best internet experience

Download Opera

Just Google It


porkbustersNo More Jean Fraud sKerry Bullshit

Open Trackback Alliance

Get the code for this blogroll

Add to My Yahoo!

Free John Kerry's SF-180 Blogroll


The Community for Life, Liberty, Property

Guard the Borders

Email Me

If you're using Internet Exploder to view this blog, tough. Get a real browser. :-)

Ignore the Blogspot "profile"—here's the real scoop

What's this blog about, anyway?

Comment-Trackback Policy

Stop the ACLU Blogburst Blogroll

Powered by Blogger

Anti-PC League

Thursday, January 05, 2006

Official Microsoft WMF Patch Now Available

Microsoft has now made an official patch available for the WMF vulnerability for all versions of Windows from Windows 2000 forward. See the notice at Microsoft's site here, and select the proper patch for your system.
Official Microsoft WMF Patch Now Available
(Click the link, then look for "Security Update for the Windows Meta File Vulnerability Available". OR just visit Windows Update. A direct download is more certain, though, with high-demand updates.)
...if you want to go directly to the page with all the patches listed by Windows version. Three ways to update, so you've no excuse. :-) Oh, and if you have previously applied Ilfak Guilfanov's patch, uninstall it through Control panel before applying Microsoft's patch. PSA-pinned to Ferdy's Bulletin Board at Conservative Cat Update: All the security/OS wonks I usually listen to kept saying AV only a very few companies had some partial protection against WMF exploits. I just checked Grisoft's website (remember: I'm concerned about computer security and have never suffered an infection by malware, probably because I practice semi-paranoid computing, BUT I am a tightwad, too. :-). All Grisoft's products (including the Free Version of AVG) have offered at least this much protection against the WMF exploit since December 29--pretty quick response:
Exploit.WMF These files exploits WMF vulnerability in Windows Operating Systems that allows malware code execution while WMF format file is opening. Unfortunately security patch for this vulnerability is not available at this time. AVG detects these files as Exploit.WMF and also as Trojan horse Downloader.Agent.
Not exceptionably bad. In fact, not half bad. Even unpatched systems can have such files noted for deletion or removal to a "vault" on normal daily scans (your AV software is set for daily scans as well as scans of all downloads, automatically, right? Right? :-) But. What about a visit to a web page with an exploit-embedded graphic? Better patch those systems, folks, even if your AV does offer some protection.