Windows WMF File Vulnerability
January 5, 2006
Advisory (912840) Vulnerability in Graphics Rendering Engine Could Allow
Remote Code Execution.
Microsoft gave in to media pressure and released the patch today, 3
business days ahead of the regularly scheduled "Patch Tuesday."
I weighed the pros and cons and elected to wait for our regular patch
schedule, in order to avoid incurring extra fees. Note that this is a complete non-issue for those of you who
are properly running as normal users, without administrator rights.
Those attacks are completely ineffective unless the user has admin
This is yet another real-life example illustrating why such
disciplined practice is absolutely essential. It is futile to try to
defend every possible attack by brute force. By definition, no amount of scrambling and active patching to
address each individual specific threat will be sufficient. A
fundamentally sound approach is much more effective and less costly.