Microsoft Security Bulletin MS06-001
Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution
(912919)
http://www.microsoft.com/technet/sec.../ms06-001.mspx

--
Hope this helps. Let us know.

Wes
MS-MVP Windows Shell/User

Thanks Wesley for the heads up.

--
William

"Wesley Vogel" <123WVogel955@comcast.net> wrote in message
news:OoXemujEGHA.1240@TK2MSFTNGP09.phx.gbl...
> Microsoft Security Bulletin MS06-001
> Vulnerability in Graphics Rendering Engine Could Allow Remote Code
> Execution
> (912919)
> http://www.microsoft.com/technet/sec.../ms06-001.mspx
>
> --
> Hope this helps. Let us know.
>
> Wes
> MS-MVP Windows Shell/User
>

Your Welcome, William.

I downloaded and installed it. Now I am a little safer until the next
exploit.

--
Hope this helps. Let us know.

Wes
MS-MVP Windows Shell/User

In news:eakdOWkEGHA.2912@tk2msftngp13.phx.gbl,
WTC <bcrawfordjr(remove)@hotmail.com> hunted and pecked:
> Thanks Wesley for the heads up.
>
> --
> William
>
> "Wesley Vogel" <123WVogel955@comcast.net> wrote in message
> news:OoXemujEGHA.1240@TK2MSFTNGP09.phx.gbl...
>> Microsoft Security Bulletin MS06-001
>> Vulnerability in Graphics Rendering Engine Could Allow Remote Code
>> Execution
>> (912919)
>> http://www.microsoft.com/technet/sec.../ms06-001.mspx
>>
>> --
>> Hope this helps. Let us know.
>>
>> Wes
>> MS-MVP Windows Shell/User

Wesley Vogel wrote:
> Your Welcome, William.
>
> I downloaded and installed it. Now I am a little safer until the next
> exploit.
>
>
> In news:eakdOWkEGHA.2912@tk2msftngp13.phx.gbl,
> WTC <bcrawfordjr(remove)@hotmail.com> hunted and pecked:
>> Thanks Wesley for the heads up.
>>
>> --
>> William
>>
>> "Wesley Vogel" <123WVogel955@comcast.net> wrote in message
>> news:OoXemujEGHA.1240@TK2MSFTNGP09.phx.gbl...
>>> Microsoft Security Bulletin MS06-001
>>> Vulnerability in Graphics Rendering Engine Could Allow Remote Code
>>> Execution
>>> (912919)
>>> http://www.microsoft.com/technet/sec.../ms06-001.mspx
>>>
>>> --
>>> Hope this helps. Let us know.
>>>
>>> Wes
>>> MS-MVP Windows Shell/User

This .WMF exploit would fail against a modern CPU with the no-execute bit if
Windows XP2's DEP is enabled. If you are of the sort to be concerned, and
you like to upgrade, here is a real excuse to do so. All the newer AMD and
Intel CPUs have the no-execute bit. This combined with DEP makes buffer
overrrun exploits a thing of the past for the most part. The current .WMF
exploit doesn't work against such a combination.

> I downloaded and installed it. Now I am a little safer until the next
> exploit.

From the exploit itself?

or from passionately discussed threads in this forum on Microsoft's delay in
releasing the patch?

:-)

--
Regards

John Waller

I see your smiley there, but can we not give credit where credit is due?
When Microsoft made the corporate decision to release updates on a monthly
schedule, it was not only for their benefit but the entire IT infrastructure
as well. They also stated to the sort that if a situation warranted an
update outside of the normal schedule, they would release it ASAP,
regardless of the schedule. This patch has been released 5 days ahead of
January's scheduled updates. I am not a programmer but, I imagine that it
takes time to code and thoroughly test these patches. They did provide a
temporary workaround very soon after they became aware of the exploit. I can
remember the days when patches were released too soon, resulting in the
necessity to re-patch the patches. Certainly not good for their corporate
image! I'm not proposing that Microsoft (or any company or person for that
matter) is beyond reproach but, I do see this situation as responsible
action and fulfillment of a promise.

--
~john aka: jopa


"John Waller" <johnw@REMOVETHISpinnacleweb.com.au> wrote in message
news:OD%23Ne5kEGHA.2712@TK2MSFTNGP10.phx.gbl...
>> I downloaded and installed it. Now I am a little safer until the next
>> exploit.
>
> From the exploit itself?
>
> or from passionately discussed threads in this forum on Microsoft's delay
> in releasing the patch?
>
> :-)
>
> --
> Regards
>
> John Waller
>

John

Accept the patch in good faith..

--
Mike Hall
MVP - Windows Shell/User


"John Waller" <johnw@REMOVETHISpinnacleweb.com.au> wrote in message
news:OD%23Ne5kEGHA.2712@TK2MSFTNGP10.phx.gbl...
>> I downloaded and installed it. Now I am a little safer until the next
>> exploit.
>
> From the exploit itself?
>
> or from passionately discussed threads in this forum on Microsoft's delay
> in releasing the patch?
>
> :-)
>
> --
> Regards
>
> John Waller
>

John Waller wrote:

>>I downloaded and installed it. Now I am a little safer until the next
>>exploit.
>
>
> From the exploit itself?
>
> or from passionately discussed threads in this forum on Microsoft's delay in
> releasing the patch?
>
> :-)
>

What deley. They were quite timely IMO.

--
Rock
MS MVP Windows - Shell/User

What's SP2?

Seriously, I do have a new case, power supply and DVD burner anxiously
awaiting all the other components. Decisions, decisions.

--
Hope this helps. Let us know.

Wes
MS-MVP Windows Shell/User

In news:%23XqPdlkEGHA.2544@TK2MSFTNGP11.phx.gbl,
Saucy Lemon <saucy@s.can.be> hunted and pecked:
> Wesley Vogel wrote:
>> Your Welcome, William.
>>
>> I downloaded and installed it. Now I am a little safer until the next
>> exploit.
>>
>>
>> In news:eakdOWkEGHA.2912@tk2msftngp13.phx.gbl,
>> WTC <bcrawfordjr(remove)@hotmail.com> hunted and pecked:
>>> Thanks Wesley for the heads up.
>>>
>>> --
>>> William
>>>
>>> "Wesley Vogel" <123WVogel955@comcast.net> wrote in message
>>> news:OoXemujEGHA.1240@TK2MSFTNGP09.phx.gbl...
>>>> Microsoft Security Bulletin MS06-001
>>>> Vulnerability in Graphics Rendering Engine Could Allow Remote Code
>>>> Execution
>>>> (912919)
>>>> http://www.microsoft.com/technet/sec.../ms06-001.mspx
>>>>
>>>> --
>>>> Hope this helps. Let us know.
>>>>
>>>> Wes
>>>> MS-MVP Windows Shell/User
>
> This .WMF exploit would fail against a modern CPU with the no-execute bit
> if Windows XP2's DEP is enabled. If you are of the sort to be concerned,
> and you like to upgrade, here is a real excuse to do so. All the newer
> AMD and Intel CPUs have the no-execute bit. This combined with DEP makes
> buffer overrrun exploits a thing of the past for the most part. The
> current .WMF exploit doesn't work against such a combination.

WTC wrote:
> Thanks Wesley for the heads up.
>
Just be sure you delete it before inatalling Microsoft's patch.

Rick