Microsoft Security Bulletin MS06-001 (combatting WMF vulnerability) to be released 05/01/2006

Discussion in 'Computer Support' started by Dave Lear, Jan 5, 2006.

  1. Dave Lear

    Dave Lear Guest

    Microsoft Security Bulletin Advance Notification
    http://www.microsoft.com/technet/security/bulletin/advance.mspx

    <quote>

    Important Information for Thursday 5 January 2006

    Microsoft announced that it would release a security update to help protect
    customers from exploitations of a vulnerability in the Windows Meta File
    (WMF) area of code in the Windows operating system on Tuesday, January 2,
    2006, in response to malicious and criminal attacks on computer users that
    were discovered last week.

    Microsoft will release the update today on Thursday, January 5, 2006,
    earlier than planned.

    Microsoft originally planned to release the update on Tuesday, January 10,
    2006 as part of its regular monthly release of security bulletins, once
    testing for quality and application compatibility was complete. However,
    testing has been completed earlier than anticipated and the update is ready
    for release.

    In addition, Microsoft is releasing the update early in response to strong
    customer sentiment that the release should be made available as soon as
    possible.

    Microsoft's monitoring of attack data continues to indicate that the attacks
    are limited and are being mitigated both by Microsoft's efforts to shut down
    malicious Web sites and with up-to-date signatures form anti-virus
    companies.

    The security update will be available at 2:00 pm PT as MS06-001.

    </quote>
     
    Dave Lear, Jan 5, 2006
    #1
    1. Advertising

  2. Dave Lear

    fred-bloggs Guest

    fred-bloggs, Jan 5, 2006
    #2
    1. Advertising

  3. Dave Lear

    Fred Guest

    "Dave Lear" <> wrote in message
    news:...
    > Microsoft Security Bulletin Advance Notification
    > http://www.microsoft.com/technet/security/bulletin/advance.mspx
    >
    > <quote>
    >
    > Important Information for Thursday 5 January 2006
    >
    > Microsoft announced that it would release a security update to help
    > protect
    > customers from exploitations of a vulnerability in the Windows Meta File
    > (WMF) area of code in the Windows operating system on Tuesday, January 2,
    > 2006, in response to malicious and criminal attacks on computer users that
    > were discovered last week.
    >
    > Microsoft will release the update today on Thursday, January 5, 2006,
    > earlier than planned.
    >
    > Microsoft originally planned to release the update on Tuesday, January 10,
    > 2006 as part of its regular monthly release of security bulletins, once
    > testing for quality and application compatibility was complete. However,
    > testing has been completed earlier than anticipated and the update is
    > ready
    > for release.
    >
    > In addition, Microsoft is releasing the update early in response to strong
    > customer sentiment that the release should be made available as soon as
    > possible.
    >
    > Microsoft's monitoring of attack data continues to indicate that the
    > attacks
    > are limited and are being mitigated both by Microsoft's efforts to shut
    > down
    > malicious Web sites and with up-to-date signatures form anti-virus
    > companies.
    >
    > The security update will be available at 2:00 pm PT as MS06-001.
    >
    > </quote>
    >

    Just got it from Windows update!
     
    Fred, Jan 5, 2006
    #3
  4. Dave Lear

    clot Guest

    Fred wrote:
    > "Dave Lear" <> wrote in message
    > news:...
    >> Microsoft Security Bulletin Advance Notification
    >> http://www.microsoft.com/technet/security/bulletin/advance.mspx
    >>
    >> <quote>
    >>
    >> Important Information for Thursday 5 January 2006
    >>
    >> Microsoft announced that it would release a security update to help
    >> protect
    >> customers from exploitations of a vulnerability in the Windows Meta
    >> File (WMF) area of code in the Windows operating system on Tuesday,
    >> January 2, 2006, in response to malicious and criminal attacks on
    >> computer users that were discovered last week.
    >>
    >> Microsoft will release the update today on Thursday, January 5, 2006,
    >> earlier than planned.
    >>
    >> Microsoft originally planned to release the update on Tuesday,
    >> January 10, 2006 as part of its regular monthly release of security
    >> bulletins, once testing for quality and application compatibility
    >> was complete. However, testing has been completed earlier than
    >> anticipated and the update is ready
    >> for release.
    >>
    >> In addition, Microsoft is releasing the update early in response to
    >> strong customer sentiment that the release should be made available
    >> as soon as possible.
    >>
    >> Microsoft's monitoring of attack data continues to indicate that the
    >> attacks
    >> are limited and are being mitigated both by Microsoft's efforts to
    >> shut down
    >> malicious Web sites and with up-to-date signatures form anti-virus
    >> companies.
    >>
    >> The security update will be available at 2:00 pm PT as MS06-001.
    >>
    >> </quote>
    >>

    > Just got it from Windows update!


    Snap ... and...seems to working alright!
     
    clot, Jan 5, 2006
    #4
  5. Dave Lear

    Santa Guest

    "Dave Lear" <> wrote in message
    news:...
    > Microsoft Security Bulletin Advance Notification
    > http://www.microsoft.com/technet/security/bulletin/advance.mspx
    >
    > <quote>
    >
    > Important Information for Thursday 5 January 2006
    >
    > Microsoft announced that it would release a security update to help
    > protect
    > customers from exploitations of a vulnerability in the Windows Meta File
    > (WMF) area of code in the Windows operating system on Tuesday, January 2,
    > 2006, in response to malicious and criminal attacks on computer users that
    > were discovered last week.
    >
    > Microsoft will release the update today on Thursday, January 5, 2006,
    > earlier than planned.
    >
    > Microsoft originally planned to release the update on Tuesday, January 10,
    > 2006 as part of its regular monthly release of security bulletins, once
    > testing for quality and application compatibility was complete. However,
    > testing has been completed earlier than anticipated and the update is
    > ready
    > for release.
    >
    > In addition, Microsoft is releasing the update early in response to strong
    > customer sentiment that the release should be made available as soon as
    > possible.
    >
    > Microsoft's monitoring of attack data continues to indicate that the
    > attacks
    > are limited and are being mitigated both by Microsoft's efforts to shut
    > down
    > malicious Web sites and with up-to-date signatures form anti-virus
    > companies.
    >
    > The security update will be available at 2:00 pm PT as MS06-001.
    >
    > </quote>

    What's frightening is how long this exploit took to discover. Kind of makes
    you wonder what else it hidden in there waiting to be discovered.
     
    Santa, Jan 5, 2006
    #5
  6. Dave Lear

    Dave Lear Guest

    "Santa" wrote in message news:5ghvf.76910$

    > What's frightening is how long this exploit took to discover. Kind
    > of makes you wonder what else it hidden in there waiting to be
    > discovered.


    The long time was actually between the vulnerability / exploit being known
    and Microsoft actually doing something about it. Because their corporate
    customers started shouting very loudly for a patch this hotfix was released
    ahead of the standard second Tuesday of the month release schedule.
     
    Dave Lear, Jan 6, 2006
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. cgmsys
    Replies:
    0
    Views:
    566
    cgmsys
    Jan 6, 2006
  2. Martin Bilgrav
    Replies:
    0
    Views:
    389
    Martin Bilgrav
    Aug 15, 2006
  3. Dave Lear
    Replies:
    1
    Views:
    558
    It-ib-neit-sa II
    Jan 10, 2006
  4. Au79
    Replies:
    0
    Views:
    502
  5. Leythos
    Replies:
    0
    Views:
    682
    Leythos
    Sep 27, 2006
Loading...

Share This Page