Tuesday, January 3, 2006

Microsoft to Release Official WMF Patch on 10th

Updated Microsoft Security Advisory (912840) - Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution

"Microsoft has completed development of the security update for the vulnerability. The security update is now being localized and tested to ensure quality and application compatibility. Microsoft’s goal is to release the update on Tuesday, January 10, 2006, as part of its monthly release of security bulletins. This release is predicated on successful completion of quality testing."

What is Microsoft's response to Ilfak Guilfanov's Patch??

"Microsoft recommends that customers download and deploy the security update for the WMF vulnerability that we are targeting for release on January 10, 2006.As a general rule, it is a best practice to utilize security updates for software vulnerabilities from the original vendor of the software. With Microsoft software, Microsoft carefully reviews and tests security updates to ensure that they are of high quality and have been evaluated thoroughly for application compatibility. In addition, Microsoft’s security updates are offered in 23 languages for all affected versions of the software simultaneously.Microsoft cannot provide similar assurance for independent third party security updates."

No real suprise. It isn't their patch so that was exepcted. No big deal.

I am still using Ilfak's patch and will leave it in place until next week - 10th.

No comments:

Post a Comment