WMF Exploit (Update7)
Hi all;
MS has decided to release the WMF vulnerability patch earlier than expected – TODAY! It is being released under KB912919 (912919), advisory number: MS06-001 (first of “2006“)
So, please visit Automatic Updates sometime after 17:00 EST (that’s 5pm Eastern for you 12-hour clock types) and update your computers ASAP. Or, if you use SUS/WSUS, get your Approvals out ;-)
If you are one of the quick ones that installed Ilfak’s temporary workaround, heed by the previous updates I posted below.
FYI and finally
UPDATE (19:50 EST): I have deployed the patch on a small set of test machines that had both unregistered the DLL and applied the v1.3 version of the workaround from Ilfak. The XP SP2 machine deployed and restarted without any problems. However, both Windows 2000 Pro machines hung on shutdown… not sure of the cause yet (whether it is directly related to the update or something else). But, when those Win2K machines were booted back up, they both had the updated GDI32.DLL file (time/date 2005/Dec/30 @ 11:15am EST and 233,744 bytes in size). Will be looking into the problem further with additional test machines and report back here…
The update works fine, but if you need to deploy this into a large environment, I would recommend doing a sampling of the Win2K machines first to prevent widespread TechSupport calls (just in case).
FYI - the XP GDI32.DLL appears to have been fixed a couple days prior (2005/Dec/28 @ 21:54 EST and it is 280,064 bytes in size).
UPDATE (20:45 EST): I tested another Windows 2000 Pro machine, which did NOT have the Ilfak v1.3 patch applied (no patch, and the DLL was still registered) and the update went without any glitch.. no hang, no reboot problems, and the GDI32.DLL is updated as expected.
KevFrey
kevfrey@gmail.com
. . . . . .. . . . . .
Leave a Reply
You must be logged in to post a comment.