Windows patch

Jan. 5th, 2006 10:55 pm
cellio: (avatar)
[personal profile] cellio
Microsoft has published the patch for the WMF security hole. If you run Windows and you ever view images whose pedigrees you're not 100% certain of -- like, say, if you ever visit non-trusted web sites, or you view images people send you via email or IM -- you should apply this patch now. Don't wait for the automatic updates to run. (If you don't know what I'm talking about, you should read the security bulletin. Microsoft even admits it's a critical update.)

I'm going to leave LJ image placeholders turned on for a day or two, just in case this fix doesn't do it. (Image placeholders prevent posted images from automatically showing on your friends page, which is useful if you read any open communities where malicious images could be posted.)
Flat | Top-Level Comments Only

(no subject)

Date: 2006-01-06 03:53 pm (UTC)
madfilkentist: (Default)
From: [personal profile] madfilkentist
Actually, IE is more vulnerable to the flaw, because it looks inside images which are nominally .gif, .jpg, or whatever, and displays them as WMF if that's what the header indicates they are. Firefox won't do that automatically. The IE behavior is a violation of W3C recommendations.

(no subject)

Date: 2006-01-06 04:18 pm (UTC)
cellio: (avatar)
From: [personal profile] cellio
Thanks. Yet another reason to stay away from IE, then.
Flat | Top-Level Comments Only

Expand Cut Tags

No cut tags
Top of page