[WinPartners] unpatched Windows exploit (WMF)

Paul Dzus pdzus at MIT.EDU
Tue Jan 3 09:31:13 EST 2006


I'm sure you're all aware of this issue that developed over the holiday
weekend.  There's a very detailed summary of the current situation here:

http://handlers.dshield.org/jullrich/wmffaq.html

As I was writing this, a new update:

"Microsoft updated its advisory (KB 912840) this morning with the below
information.  For those in academic environments, this may actually work
in your favor as students will be coming back after the supposed release
date.

For corporate environments, IT Staffers are going to have to make a risk
assessment.  What would be the cost to your company if you are compromised
between now and January 10 if the update is released as mentioned?  Can
you really afford to do nothing?  Are you willing to gamble that
unregistering the dll is sufficient or do you go with defense in depth
and apply the unofficial patch?   You make the choice"

I'm loath to apply the "unofficial patch" for many reasons but I don't
enjoy leaving my users' workstations completely vulnerable for the next
week either.  I've lost enough sleep on this already.  I'd appreciate
any advice from those with more experience/authority.

Thanks,

-- 
Paul K. Dzus
Network/IT Manager
The MIT Press
55 Hayward Street, E39-038G
Cambridge, MA 02142-1315
TEL: 617-258-6783
EMAIL: pdzus at mit.edu




