Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Microsoft asks users to wait

Microsoft asks users to wait

by Nikola Strahija on January 3rd, 2006 Microsoft recently changed its original advisory concerning WMF Windows vulnerability, announcing that the patch will be ready to download in a week's time. Although the WMF treat is growing each day, Microsoft urges users to wait for the 'proper' patch and do not install third part patches.


The number of users potentially at risk is high, with all versions of Windows exhibiting the vulnerability, but the number actually affected so far is relatively low, researchers say.

Staff at McAfee's Avert security research lab report that 7.45 percent of users of the company's retail security products were found to have computers infected with malicious programs through the WMF exploit as of Tuesday. That's up from 6 percent of users on Saturday.

Some web sites have already been infected, on of them being knoppix-std.org, who warned users its site has been hacked in order to exploit the WMF flaw. The first to produce a working patch for the vulnerability was Ilfak Guilfanov, his work is recommended from The SANS Institute's Internet Storm Center (who made the patch available from its site) and F-Secure.

Mikko Hypponen, chief research officer at F-Secure, feels safe recommending the Guilfanov patch for several reasons. -We know this guy. We have checked the code. It does exactly what he says it does, and nothing else. We've checked the binary, and we've checked that the fix works, he said, later on explainint that the F-Secure company installed it on all its computers.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »