As many of you know, Microsoft has decided not to release an official patch for the SetAbortProc() WMF flaw. Systems before Windows 2000 are not exploitable directly by default; therefore MS doesn’t see it as a critical security problem. It is also a great way for them to push users into upgrades however, but that is another issue all together. Lack of real security should be enough to force users into a move away from the Win9x kernel.
Microsoft has stated that they will only release really critical security patches for the Win9x platform until June 30 of this year.
But not everyone is happy about seeing this possible security risk before them. Open Source to the rescue. Inspired by Ilfak Guilfanov’s XP patch, Tom Walsh of the SecuriTeam blog has released his own open source WMF patch for Win9x Systems.
Nice work Tom.
No comments:
Post a Comment