Re: WMF Vulnerability Summary



On Tue, 3 Jan 2006, Paul Asadoorian wrote:
> I would imagine that most, like myself, are busy trying to make sense
> of the WMF vulnerability, perform risk assessments, and recommend
> appropriate actions for your organization. I have attempted to
> summarize the WMF information that is flooding security sites all over:
>
> http://www.pauldotcom.com/2006/01/wmf_vulnerability_exploits_jus.html

Excellent summary. For those that need more details in an FAQ setting,
here is the link:

http://castlecops.com/a6445-WMF_Exploit_FAQ.html

It covers both alternative workarounds and the MS official patch. In
total 40 questions and answers that were assembled in the forum setup for
Ilfak's hotfix:

http://castlecops.com/f212-Hexblog.html

--
Paul Laudanski, Microsoft MVP Windows-Security
[cal] http://events.castlecops.com
[de] http://de.castlecops.com
[en] http://castlecops.com
[wiki] http://wiki.castlecops.com
[family] http://cuddlesnkisses.com