Educause Security Discussion mailing list archives
Re: Jan 10 is the Microsoft stated release date for a WMF page -- was : what is your advice to your users
From: "Brawner, David" <dbrawner () MARYVILLE EDU>
Date: Tue, 3 Jan 2006 13:15:33 -0600
Here at Maryville, we took a proactive approach and decided that it was better to inconvenience our users a little than to get hacked by an exploit of this vulnerability. We distributed the "regserv32 -u..." command that Microsoft refers to in the "Suggested Actions" section of the security advisory. We pushed it out silently to all of our workstations through our Novell Zenworks application distribution system. We have tested and found that we can successfully reverse the effects with the same command (without the -u) once the patch is available. We are also informing our users of this vulnerability and the actions we have taken. So far, everything has gone well. We have had only a few calls regarding the user's inability to open JPG and WMF files by double-clicking on them. David S. Brawner Manager of Network & User Services Maryville University of Saint Louis -----Original Message----- From: H. Morrow Long [mailto:morrow.long () YALE EDU] Sent: Tuesday, January 03, 2006 6:17 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Jan 10 is the Microsoft stated release date for a WMF page -- was : what is your advice to your users On Jan 2, 2006, at 4:24 PM, Sadler, Connie wrote:
Does anyone know how close we are to a patch from Microsoft? ... Anybody have some status?
January 10 (one week from today) is Microsoft's goal for a patch. The following was posted today on the updated MS advisory page ( http://www.microsoft.com/technet/security/advisory/912840.mspx ) Microsoft Security Advisory (912840) Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution. Published: December 28, 2005 | Updated: January 3, 2006 On Tuesday, December 27, 2005, Microsoft became aware of public reports of malicious attacks on some customers involving a previously unknown security vulnerability in the Windows Meta File (WMF) code area in the Windows platform. Upon learning of the attacks, Microsoft mobilized under its Software Security Incident Response Process (SSIRP) to analyze the attack, assess its scope, define an engineering plan, and determine the appropriate guidance for customers, as well as to engage with anti- virus partners and law enforcement. Microsoft confirmed the technical details of the attack on December 28, 2005 and immediately began developing a security update for the WMF vulnerability on an expedited track. Microsoft has completed development of the security update for the vulnerability. The security update is now being localized and tested to ensure quality and application compatibility. Microsoft's goal is to release the update on Tuesday, January 10, 2006, as part of its monthly release of security bulletins. This release is predicated on successful completion of quality testing. ...
Current thread:
- Re: Jan 10 is the Microsoft stated release date for a WMF page -- was : what is your advice to your users Steve Worona (Jan 03)
- <Possible follow-ups>
- Re: Jan 10 is the Microsoft stated release date for a WMF page -- was : what is your advice to your users jack suess (Jan 03)
- Re: Jan 10 is the Microsoft stated release date for a WMF page -- was : what is your advice to your users Brawner, David (Jan 03)
- Re: Jan 10 is the Microsoft stated release date for a WMF page -- was : what is your advice to your users Gary Flynn (Jan 03)