Supplemental Resources and Links for Episode #21

Official WMF Vulnerability update
from Microsoft Available NOW!
http://update.microsoft.com/



Ilfak Guilfanov on "Security Now" #21 !

Ilfak Guilfanov, developer of "The Patch" for temporarily protecting Windows users from exploitation of the WMF vulnerability (while we were waiting for Microsoft's official security update) joined us to discuss this first serious Windows vulnerability of the New Year.

If you wish to be automatically notified whenever we post a new Security Now! audio program, you may use the button below to register an eMail address with the trustworthy "Change Detection" service. You will be able to easily remove yourself at any time:



(it's private by ChangeDetection)


Microsoft is not fixing Windows 98/ME
 . . . so GRC will.

Microsoft has now "reclassified" the WMF vulnerability in Windows 95, 98, and ME as non-critical (instead of just fixing it!). This means that it will probably NOT be updated and patched to eliminate the WMF handling vulnerability that those older versions of Windows apparently still have. (This vulnerability still needs to be confirmed.)

So, if Microsoft does not produce an update to repair those older versions of Windows, GRC will make one available.

Microsoft's official security update does
the same thing as Ilfak's patch

Users of Ilfak's temporary patch — which is no longer needed in the wake of Microsoft's early released official update — may rest easily. Ilfak reports that he checked-out Microsoft's new replacement GDI32.DLL . . . and it permanently does the same thing as his temporary patch: It simply revokes support for the age-old WMF "SETABORT" command from metafile processing.



Jump to top of page
Gibson Research Corporation is owned and operated by Steve Gibson.  The contents
of this page are Copyright (c) 2022 Gibson Research Corporation. SpinRite, ShieldsUP,
NanoProbe, and any other indicated trademarks are registered trademarks of Gibson
Research Corporation, Laguna Hills, CA, USA. GRC's web and customer privacy policy.
Jump to top of page

Last Edit: May 04, 2013 at 18:12 (3,800.91 days ago)Viewed 1 times per day