[OPLINTECH] WMF Exploit Hotfix

Tue Jan 3 11:15:04 EST 2006

The patch is from Steve Gibson who is one of the foremost and highly
regarded security researchers out there.
Jim Kenzig

________________________________

From: oplintech-bounces at oplin.org [mailto:oplintech-bounces at oplin.org]
On Behalf Of Bruce Landis
Sent: Tuesday, January 03, 2006 10:43 AM
To: OPLINTECH at OPLIN.ORG
Subject: Re: [OPLINTECH] WMF Exploit Hotfix

I trust the Oplintech listserv but a basic question remains for any
volunteered patch... how do we validate it?  Certainly a PCWorld
columnist would appear to be a reliable source, and the hyperlinks trace
out ok, but...

I try to teach our staff not to download and install protective products
simply because they pop-up and present themselves to the end user. Do
others on the list have additional validation of this patch? Or...if
anyone on the list who has an isolated lab machine were to do the patch,
watch for rogue processes and report back it would ease my mind -
somewhat.  

Paranoid as always, 

Bruce Landis
Technology Specialist
Chillicothe and Ross County Public Library
(740) 702-4115  fx (740) 702-4118
landisbr at oplin.org

-----Original Message-----
From: oplintech-bounces at oplin.org [mailto:oplintech-bounces at oplin.org]On
Behalf Of Ron Dalpiaz
Sent: Tuesday, January 03, 2006 9:59 AM
To: OPLINTECH at OPLIN.ORG
Subject: [OPLINTECH] WMF Exploit Hotfix

There's a very effective temporary hotfix for the WMF Exploit.

It comes from Steve Gibson's site. He is known as a security guru in the
industry.

You can read about this at:

http://blogs.pcworld.com/tipsandtweaks/archives/001162.html

Gibson's explanation/download page regarding the fix is at:

http://www.grc.com/sn/notes-020.htm
<http://www.grc.com/sn/notes-020.htm> 

Ron Dalpiaz
Technology Coordinator
Dover Public Library

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.oplin.org/mailman/private/oplintech/attachments/20060103/084f3471/attachment.html