Michael Sinatra just forwarded a posting to the ucb-security list,
announcing that Microsoft's patch for the serious "WMF vulnerability"
in Windows has just become available.
Details:
Microsoft Security Bulletin Advance Notification
http://www.microsoft.com/technet/security/bulletin/advance.mspx
"Microsoft announced that it would release a security update to help
protect customers from exploitations of a vulnerability in the
Windows Meta File (WMF) area of code in the Windows operating system
on Tuesday, January 2, 2006, in response to malicious and criminal
attacks on computer users that were discovered last week. Microsoft
will release the update today on Thursday, January 5, 2006, earlier
than planned."
SANS offers the following recommendations for applying the update
"if you have installed any of the earlier patches or workarounds":
Microsoft Patches Released
http://isc.sans.org/diary.php?storyid=1019
>1. Reboot your system to clear any vulnerable files from memory
>2. Download and apply the new patch
>3. Reboot
>4. Uninstall the unofficial patch (use Add/Remove Programs)
>5. Re-register the .dll if you previously unregistered it (use the
>same command but without the "-u")
>6. Reboot one more time just for good measure
Aron Roberts
Workstation Software Support Group
------------------------------------------------------------------------
The following was automatically added to this message by the list server:
For information about Micronet, including subscribing to
or unsubscribing from its mailing list and finding out
about upcoming meetings, please visit the Micronet Web site:
<http://micronet.berkeley.edu/>.
Received on Thu Jan 5 13:16:18 2006
This archive was generated by hypermail 2.1.8 : Thu Jan 05 2006 - 13:16:18 PST