Re: Windows WMF Security Flaw

I did see a reference to it and what the fix does. I get very
suspicious of claimed fixes that are not verified from a know source. In
this case the "patch" appears to only do a registry change which is a user
setting anyway. It just eliminates what program automatically is opened to
display certain types of files over the internet. As it turns out, that
setting has already been changed for me for other reasons.

I don't recommend anyone jump on a fix when they don't know 100% that
the fix is not a hoax and will cause problems.

--
Joseph Meehan

Dia duit
"RicodJour" <ricodjour@xxxxxxxxxxxxxx> wrote in message
news:1136385813.040457.284910@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> Joseph Meehan wrote:
>> RicodJour wrote:
>> > Microsoft is dragging their heels on this one. There's a third party
>> > patch that takes care of the flaw now and it has been vetted by a
>> > number of sources.
>> >
>> > This is a big problem. More information here:
>> > http://isc.sans.org/index_cached.php
>>
>> Not really home repair and I personally would be more than a little
>> concerned about a patch from anyone other than Microsoft and then I am
>> picky
>> about being sure it is really Microsoft.
>
> I'm aware that it is off topic for a home repair newsgroup, but since
> most people on this newsgroup use computers - and I actually happen to
> like you guys - I thought you'd let this one slide.
>
> I'm with you on the Microsoft fixing Microsoft products, but when
> they're waiting until the next scheduled patch release for a major flaw
> that is already being exploited, that's just stupid. That SANS site is
> a good one. Poke around in there - you might be surprised to see that
> some of the freeware antivirus programs are quicker to respond to
> published vulnerabilities than McAfee and Symantec.
>
> Anyway, do as you see fit, and I promise not to start hawking widgets
> and spamming in here.
>
> R
>


.