[Dshield] WMF Ilfak Guilfanov workaround

Roger A. Grimes roger at banneretcs.com
Sun Jan 1 17:13:06 GMT 2006

stu wrote:
> It's a sad day when patches have to come from the community instead of
> the vendor :)

Microsoft will have a patch out as quickly as it is possible for them to
do it. They have already issued multiple workaround suggestions, and I'm
sure are already working on the patch. This bug is pretty huge, for
them, affecting all platforms, so the regression testing work will be as
large for them as it could be. Talking to their teams before, I know
that even simple patches require 100's to 1000's of individual tests.
It's just not something that can be done in a day or two.

I'm not cutting them a break for the bug, but I'd rather have a solid,
well-tested patch, and not a buggy incremental fix.

In the interim, it also gives administrators an opportunity to begin
another round of end-user education, giving a real-time example of how
clicking on untrusted emails and links can lead to bad things. Somehow,
I suspect this is just a precursor of things to come in 2006, as the
crimeware gets more aggressive.


*Roger A. Grimes, Banneret Computer Security, Consultant 
*CPA, CISSP, MCSE: Security (2000/2003/MVP), CEH, yada...yada...
*email: roger at banneretcs.com
*Author of Honeypots for Windows (Apress)
