Re: Why no patch for the .wmf problem?

You have to understand the fact that Ilfak Guilfanov does not really have to
worry about breaking any applications, and he did say to use it at your own
risk.

Microsoft, on the other hand, has to test a patch against thousands of
applications to make sure that the patch doesn't break a competitors
product. If they don't, the competitor will be in court looking for money!

--


Regards,

Richard Urban
Microsoft MVP Windows Shell/User

Quote from George Ankner:
If you knew as much as you think you know,
You would realize that you don't know what you thought you knew!

"Jim" <Jim@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:1A0440A4-FD33-4DC1-B7ED-57C7578207B9@xxxxxxxxxxxxxxxx
> Greetings Stephen,
>
> I have Ilfak Guilfanov's patch and have a solution in place to unregister
> the .dll already.
>
> I simply cannot believe that Microsoft cannot get a patch out for what is
> arguably the largest and easiest to exploit flaw in Windows history in a
> more
> timely fashion.
>
> This is so ridiculous as to border on the obscene.
>
> Jim
>
> "Stephen Howe" wrote:
>
>> >I find the lack of direct communication from Microsoft and the lack of a
>> > definate target date for a patch to be unacceptable. How long has
>> > Microsoft
>> > known about the flaw? To expect users to wait until patch Teusday is
>> > also
>> > unacceptable.
>> >
>> > WHERE IS THE PATCH?
>>
>> They are probably working on it 24-7 and I am sure it will be out before
>> the
>> monthly update being so critical.
>>
>> Meanwhile...
>> You can download an unofficial patch which is 100% effective and better
>> than
>> the "regsvr32 /u shimgvw.dll" workaround.
>>
>> See
>> http://www.grc.com/sn/notes-020.htm
>> and download the patch mentioned in the Green Box
>>
>> Stephen Howe
>>
>>
>>


.

Relevant Pages

  • Re: Testing MS Security Patches?
    ... >> be to test those applications on which your business depends. ... >> entirely likely that they've already been tested by Microsoft. ... Download the patch. ...
    (microsoft.public.security)
  • Re: [Full-disclosure] Security Alert: Unofficial IE patches appear on internet
    ... created by a vulnerability is as serious as this case and the available ... Microsoft will be inclined strongly against holding on to this patch. ... Microsoft often have patches ready but wait for the corporate known ...
    (Full-Disclosure)
  • Re: Worm in Patch
    ... a naive and trusting nature in your personality believing that you would ... "receive a patch" instead of getting it from a trusted source..? ... Essentially - Microsoft never emails you a patch. ... using Windows XP "prettifications". ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Why do i keep on receiving shutdown system ?
    ... the Microsoft provided information on the matter can be ... The Symantec Repair utility and manual removal instructions can be found ... The patch that would have prevented this whole fiasco for you: ... If you have Sasser, the Microsoft provided information on the matter can be ...
    (microsoft.public.windowsxp.security_admin)
  • Re: NT Authority..
    ... You could have Blaster or you could have Sasser. ... the Microsoft provided information on the matter can be ... The patch that would have prevented this whole fiasco for you: ... After enabling the Internet Connection Firewall or creating the read-only ...
    (microsoft.public.windowsxp.help_and_support)