[OPLINTECH] WMF Exploit Hotfix
Bruce Landis
landisbr at oplin.org
Tue Jan 3 11:21:22 EST 2006
The fact that you have personal confidence in one of the principals cited
does mean a lot to me in evaluating something like this, and is the kind of
response I was hoping to see.
Thanks, (and still paranoid),
Bruce Landis
Technology Specialist
Chillicothe and Ross County Public Library
(740) 702-4115 fx (740) 702-4118
mailto:landisbr at oplin.org
-----Original Message-----
From: Wes Osborn [mailto:wosborn at clcohio.org]
Sent: Tuesday, January 03, 2006 10:53 AM
To: Bruce Landis
Cc: OPLINTECH at OPLIN.ORG
Subject: Re: [OPLINTECH] WMF Exploit Hotfix
The only "real" way to verify is through the source code. For the
patch that is mentioned the source code has been made available. I
haven't personally checked it, but Steve Gibson is a trusted resource
for me and he has examined the source code.
Even so I'm recommending that this only been installed on machines
that are especially vulnerable or likely to encounter this problem.
Since I believe that there is already an MSN messenger exploit; I
would recommend it to anyone who uses that product.
Hope this helps,
-Wes
<snip>
More information about the OPLINTECH
mailing list