first MS Windows patch of 2006, wmf vulnerability

Greetings and Happy 2006!

Some of you may have heard of the wmf file vulnerability, it has been known about for a few weeks and some code has been out there to exploit it recently.

Well, Microsoft have rushed out the patch, it would be a good idea to install it as soon as possible. You don't have to use "Windows/MS Update", but can download the stand-alone patch installer (yes, even using Firefox) from here.

http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx

Note the different downloads for different versions of Windows.

cheers,
-Daniel

 

um

 

The link I posted was to the MS Technet page - it is fine, the links to the MS patch (for various versions of Windows) work, no problems. What do you think it did to your computer?

 

um

 

okay i downloaded it.... and um now im just confused

 

Well since that first patch there's been another released, 10th Jan, for a different issue! But since you have downloaded this first one - well, it is a stand-alone install version of a patch which would normally be "installed" automatically by Windows/Microsoft Update. Some people don't like to use Windows Update for various reasons, but the individual patches can be downloaded and run this way.

If you understand what security patches are, why they are important, and why you want to install one, and have read all the Microsoft info and disclaimers, well, "double-click" on the downloaded patch and follow the prompts.

After the reception that my starting this thread has received, I'm reluctant to say more, or post the link for the next MS patch!! All you need is on the MS website. PM me if you want more details.

 

A vague negative post from one.

I won't let it bother me (or make me stop posting)...*g*

 

Here is the link to the 2nd MS patch of 2006 - embedded web font vulnerability or something, in case anyone is interested.

http://www.microsoft.com/technet/security/Bulletin/MS06-002.mspx

 

*die*

 

If you are running Windows 2000 without SP4 - "Windows 2000 Service Pack 2, and Windows 2000 Service Pack 3 have reached the end of their support life cycles. It should be a priority for customers who have these operating system versions to migrate to supported versions to prevent potential exposure to vulnerabilities..." is Microsoft's advice.

SP4 is three or more years old - there's even been a mini SP5 "rollup" (May 2005?). Anyway, if you're running fine and no problems, why worry?

SP4 is available as a 127Mb standalone download
the May 05 rollup is a 30Mb mini-SP (no official SP5 for W2k), easy to get as a stand-alone download as well.

 

I recently got a good virus protection software program and it told me that these patches aren't necessarily harmful, but will pester you until you buy their product; which is exactly what it did to me. Cost me 50 dollars to get rid of the annoying pop up. Thanks, butt munch. I needed the protection anyways. I still wouldn't suggest anyone download this crap because it doesn't let you delete it off your machine unless you have some good protection.