Post by: guestolo on January 03, 2006, 12:58:48 AM
Any users that have installed the temp patch can use Add/Remove programs and remove
WMF vulnerability hotfix
Reboot if prompted
Apply the patch from Microsoft if it applies to your Operating System
Use Windows updates to receive the update or here is a direct download link
http://www.microsoft.com/technet/security/...n/MS06-001.mspx (http://\"http://www.microsoft.com/technet/security/Bulletin/MS06-001.mspx\")
Important note from grc.com
Link to grc.com below
Quote
Microsoft has now "reclassified" the WMF vulnerability in Windows 95, 98, and ME as non-critical (instead of just fixing it!). This means that it will probably NOT be updated and patched to eliminate the WMF handling vulnerability that those older versions of Windows apparently still have. (This vulnerability still needs to be confirmed.
So, if Microsoft does not produce an update to repair those older versions of Windows, GRC will make one available.)
Please read this link from grc.com
If it applies to your operating system, please apply it folks
http://www.grc.com/sn/notes-020.htm (http://\"http://www.grc.com/sn/notes-020.htm\")
Ilfak Guilfanov blog (http://\"http://www.hexblog.com/2005/12/wmf_vuln.html#more\")
Related links
http://www.f-secure.com/weblog/archives/archive-122005.html (http://\"http://www.f-secure.com/weblog/archives/archive-122005.html\")
http://isc.sans.org/diary.php?rss&storyid=994 (http://\"http://isc.sans.org/diary.php?rss&storyid=994\")
http://www.microsoft.com/technet/security/...ory/912840.mspx (http://\"http://www.microsoft.com/technet/security/advisory/912840.mspx\")
Apply only the patch until Microsoft has released a fix
Keep checking Windows updates for the fix ppls
and of course all other High priority (Critical) updates
/smile.gif\' class=\'bbc_emoticon\' alt=\':)\' />