WMF patch available now

#4 01-05-2006, 11:13 PM

Wesley Vogel wrote:
> Your Welcome, William.
>
> I downloaded and installed it. Now I am a little safer until the next
> exploit.
>
>
> In news:eakdOWkEGHA.2912@tk2msftngp13.phx.gbl,
> WTC <bcrawfordjr(remove)@hotmail.com> hunted and pecked:
>> Thanks Wesley for the heads up.
>>
>> --
>> William
>>
>> "Wesley Vogel" <123WVogel955@comcast.net> wrote in message
>> news:OoXemujEGHA.1240@TK2MSFTNGP09.phx.gbl...
>>> Microsoft Security Bulletin MS06-001
>>> Vulnerability in Graphics Rendering Engine Could Allow Remote Code
>>> Execution
>>> (912919)
>>> http://www.microsoft.com/technet/sec.../ms06-001.mspx
>>>
>>> --
>>> Hope this helps. Let us know.
>>>
>>> Wes
>>> MS-MVP Windows Shell/User

This .WMF exploit would fail against a modern CPU with the no-execute bit if
Windows XP2's DEP is enabled. If you are of the sort to be concerned, and
you like to upgrade, here is a real excuse to do so. All the newer AMD and
Intel CPUs have the no-execute bit. This combined with DEP makes buffer
overrrun exploits a thing of the past for the most part. The current .WMF
exploit doesn't work against such a combination.