#21
01-05-2006, 02:12 AM
Tom [Pepper] Willett
 
Re: WMF Exploit!!! Install this patch now!

I, for one, did my research and felt comfortable installing it on my home
PC, and all the computers on our company network.

Tom
"Josh Einstein" <josheinstein@hotmail.com> wrote in message
news:OddXjBJEGHA.2036@TK2MSFTNGP14.phx.gbl...
| I'm just saying people should trust security experts. There *are* people out
| there more qualified to give security guidance than you or MS. SANS,
| F-Secure, and Steve Gibson are 3 such parties.
|
| The patch may be unknown to or untested by you, but not to those security
| experts.
|
| --
| Josh Einstein
| Tablet Enhancements for Outlook 2.0 - Try it free for 14 days
| www.tabletoutlook.com
|
| "Chris H." <winxpnews@hotmail.com> wrote in message
| news:eNZBS6IEGHA.140@TK2MSFTNGP12.phx.gbl...
| > Please speak for yourself only, Josh. This is a serious subject, and you
| > shouldn't be letting your personal opinions about people interfere with
| > guiding users in the right direction. It is irresponsible for anyone to
| > download and install such an unknown, untested patch. Microsoft's
| > security bulletin, in part, already issued on the subject:
| > =====
| > Microsoft Security Advisory (912840)
| > Vulnerability in Graphics Rendering Engine Could Allow Remote Code
| > Execution.
| > Microsoft is investigating new public reports of a vulnerability in
| > Windows. Microsoft will continue to investigate the public reports to help
| > provide additional guidance for customers.
| > Microsoft is aware of detailed exploit code that could allow an attacker
| > to execute arbitrary code in the security context of the logged on user
| > when visiting a Web site, which contains a specially crafted Windows
| > Metafile (WMF) image. An attacker would have no way to force users to
| > visit a malicious Web site. Instead, an attacker would have to persuade
| > them to visit the Web site, typically by getting them to click a link that
| > takes them to the attacker's Web site.
| > Customers are encouraged to keep their antivirus software up to date. The
| > Microsoft Windows AntiSpyware (Beta) can also help protect your system
| > from spyware and other potentially unwanted software. We will continue to
| > investigate these public reports.
| > Upon completion of this investigation, Microsoft will take the appropriate
| > action to help protect our customers. This will include providing a
| > security update through our monthly release process or providing an
| > out-of-cycle security update, depending on customer needs.
| > Microsoft encourages users to exercise caution when they open e-mail and
| > links in e-mail from untrusted sources. For more information about Safe
| > Browsing, visit the Trustworthy Computing Web site.
| > We continue to encourage customers to follow our Protect Your PC guidance
| > of enabling a firewall, applying software updates and installing antivirus
| > software. Customers can learn more about these steps at the Protect Your
| > PC Web site.
| > Customers who believe they may have been affected by this issue can
| > contact Product Support Services. You can contact Product Support Services
| > in the United States and Canada at no charge using the PC Safety line (1
| > 866-PCSAFETY). Customers outside of the United States and Canada can
| > locate the number for no-charge virus support by visiting the Microsoft
| > Help and Support Web site.
| > Mitigating Factors:
| > · In a Web-based attack scenario, an attacker would have to host
| > a Web site that contains a Web page that is used to exploit this
| > vulnerability. An attacker would have no way to force users to visit a
| > malicious Web site. Instead, an attacker would have to persuade them to
| > visit the Web site, typically by getting them to click a link that takes
| > them to the attacker's Web site.
| > · An attacker who successfully exploited this vulnerability could
| > gain the same user rights as the local user. Users whose accounts are
| > configured to have fewer user rights on the system could be less impacted
| > than users who operate with administrative user rights.
| > · By default, Internet Explorer on Windows Server 2003, on
| > Windows Server 2003 Service Pack 1, on Windows Server 2003 with Service
| > Pack 1 for Itanium-based Systems, and on Windows Server 2003 x64 Edition
| > runs in a restricted mode that is known as Enhanced Security Configuration.
| > This mode mitigates this vulnerability where the e-mail vector is
| > concerned although clicking on a link would still put users at risk. In
| > Windows Server 2003, Microsoft Outlook Express uses plain text for reading
| > and sending messages by default. When replying to an e-mail message that
| > is sent in another format, the response is formatted in plain text. See
| > the FAQ section of this vulnerability for more information about Internet
| > Explorer Enhanced Security Configuration.
| > =====
| > --
| > Chris H.
| > Microsoft Windows MVP/Tablet PC
| > Tablet Creations - http://nicecreations.us/
| > Associate Expert
| > Expert Zone - www.microsoft.com/windowsxp/expertzone
| >
| > "Josh Einstein" <josheinstein@hotmail.com> wrote in message
| > news:u8AIybIEGHA.3000@TK2MSFTNGP14.phx.gbl...
| >> This is a typical response from Chris who only trusts MS's word as
| >> gospel. But rather than linking directly to the EXE you should link to
| >> the page where the user can download it. Direct EXE links are
| >> irresponsible to click as well. Especially considering that they are so
| >> easily spoofed.
| >>
| >> --
| >> Josh Einstein
| >> Tablet Enhancements for Outlook 2.0 - Try it free for 14 days
| >> www.tabletoutlook.com
| >>
| >> "Jim" <reply@groups.please> wrote in message
| >> news:kMwuf.37341$Lb1.8673@bignews3.bellsouth.net...
| >>> Chris,
| >>>
| >>> You are acting in an extremely irresponsible manner. This is one of
| >>> the largest exploits ever to hit the Windows platform (in number of
| >>> machines affected), and you are telling people to do nothing.
| >>>
| >>> The only thing more irresponsible than your post is Microsoft's
| >>> refusal to take immediate action for such an exploit.
| >>>
| >>> Jim
| >>>
| >>> "Chris H." <winxpnews@hotmail.com> wrote in message
| >>> news:um047fHEGHA.140@TK2MSFTNGP12.phx.gbl...
| >>>> Microsoft has not released a patch at this point. Please do not
| >>>> download or install a patch from any other source.
| >>>> --
| >>>> Chris H.
| >>>> Microsoft Windows MVP/Tablet PC
| >>>> Tablet Creations - http://nicecreations.us/
| >>>> Associate Expert
| >>>> Expert Zone - www.microsoft.com/windowsxp/expertzone

