On Tue, 3 Jan 2006, Paul Asadoorian wrote: > I would imagine that most, like myself, are busy trying to make sense > of the WMF vulnerability, perform risk assessments, and recommend > appropriate actions for your organization. I have attempted to > summarize the WMF information that is flooding security sites all over: > > http://www.pauldotcom.com/2006/01/wmf_vulnerability_exploits_jus.html
Excellent summary. For those that need more details in an FAQ setting, here is the link: http://castlecops.com/a6445-WMF_Exploit_FAQ.html It covers both alternative workarounds and the MS official patch. In total 40 questions and answers that were assembled in the forum setup for Ilfak's hotfix: http://castlecops.com/f212-Hexblog.html -- Paul Laudanski, Microsoft MVP Windows-Security [cal] http://events.castlecops.com [de] http://de.castlecops.com [en] http://castlecops.com [wiki] http://wiki.castlecops.com [family] http://cuddlesnkisses.com
