From the desk of: Sam C. Chan

Advisory: Windows WMF File Vulnerability

January 5, 2006

Microsoft Security Advisory (912840) Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution.

Microsoft gave in to media pressure and released the patch today, 3 business days ahead of the regularly scheduled "Patch Tuesday."

I weighed the pros and cons and elected to wait for our regular patch schedule, in order to avoid incurring extra fees. Note that this is a complete non-issue for those of you who are properly running as normal users, without administrator rights. Those attacks are completely ineffective unless the user has admin rights.

This is yet another real-life example illustrating why such disciplined practice is absolutely essential. It is futile to try to defend every possible attack by brute force. By definition, no amount of scrambling and active patching to address each individual specific threat will be sufficient. A fundamentally sound approach is much more effective and less costly.

Copyright @2005-2006   Bravo Technology Center  *  Bravo:GO  *  Contact Us