Educause Security Discussion mailing list archives
Re: WMF patch released
From: Theodore Pham <telamon () CMU EDU>
Date: Thu, 5 Jan 2006 16:19:35 -0500
On Thu, 5 Jan 2006, Jeni Li wrote:
A question came up from one of our desktop managers -- Has anyone found or discovered any info related to the consequences of = applying the official update with Ilfak's unofficial fix still = installed? I know sans is recommending uninstalling the unofficial fix = first, but with the way AD timings and WSUS timings work, the only way = to really guarantee that it happens in that order is to leave all of = your machines unprotected from all fixes for a considerable amount of = time (undeploy Ilfak's msi, wait a day or so, then approve the MS fix = via WSUS. Jeni Li Web/Systems Administrator Arizona State University, at the Polytechnic campus
Now that the official patch is out, SANS has revised their recommendation. See: http://isc.sans.org/diary.php?&storyid=1019 You can leave the unofficial patch installed while letting the official one apply. Then uninstall the unofficial one, re-register shimgvw.dll, then reboot just for good measure. Some light testing on my part shows no problems with that procedure. Ted Pham Information Security Office Carnegie Mellon University
Current thread:
- WMF patch released David LaPorte (Jan 05)
- <Possible follow-ups>
- Re: WMF patch released Sadler, Connie (Jan 05)
- Re: WMF patch released Doug Pearson (Jan 05)
- Re: WMF patch released Jeni Li (Jan 05)
- Re: WMF patch released Theodore Pham (Jan 05)
- Re: WMF patch released Todd Kisida (Jan 05)
- Re: WMF patch released Ken Connelly (Jan 05)