[Dshield] WMF Ilfak Guilfanov workaround

stu secmail at patchsupplier.dyndns.org
Sun Jan 1 14:17:14 GMT 2006

In answer to my own mail, I've just read isc.sans.org and it looks like
the source has been compared to the patch, so should be safe. 

The version of the patch located here has been carefully checked against
the source code provided as well as tested against all known versions of
the exploit.

-----Original Message-----
From: list-bounces at lists.dshield.org
[mailto:list-bounces at lists.dshield.org] On Behalf Of stu
Sent: 01 January 2006 14:07
To: General DShield Discussion List
Subject: Re: [Dshield] WMF Ilfak Guilfanov workaround

It's a sad day when patches have to come from the community instead of
the vendor :)

I have setup some rules to block WMF extensions/streams from the
firewall and used REGSVR32 /U SHIMGVW.DLL to unregister the dll
(however, not really practical) 

I would have thought using patches like this is extremely dangerous from
a security standpoint.

I suppose this is one way Microsoft is copying open source :)

More information about the list mailing list