[Dshield] WMF Ilfak Guilfanov workaround

stu secmail at patchsupplier.dyndns.org
Sun Jan 1 14:17:14 GMT 2006


In answer to my own mail, I've just read isc.sans.org and it looks like
the source has been compared to the patch, so should be safe. 

[quote]
The version of the patch located here has been carefully checked against
the source code provided as well as tested against all known versions of
the exploit.
[/quote]


-----Original Message-----
From: list-bounces at lists.dshield.org
[mailto:list-bounces at lists.dshield.org] On Behalf Of stu
Sent: 01 January 2006 14:07
To: General DShield Discussion List
Subject: Re: [Dshield] WMF Ilfak Guilfanov workaround

It's a sad day when patches have to come from the community instead of
the vendor :)

I have setup some rules to block WMF extensions/streams from the
firewall and used REGSVR32 /U SHIMGVW.DLL to unregister the dll
(however, not really practical) 

I would have thought using patches like this is extremely dangerous from
a security standpoint.

I suppose this is one way Microsoft is copying open source :)




More information about the list mailing list