BleepingComputer.com: Survey: Wmf Vulnerablility

I installed the patch and then had some second thoughts. Is the patch going to create problems?

So I thought I'd post a poll and find out how many of the people who know what they are doing have also installed the patch.

Here is a link with some discussion about the prs and cons of using unofficial patches:
http://www.sans.org/newsletters/newsbites/...sue=1&rss=Y#200

Edit: looks like I messed up with the poll. Oh well. In that case, please just hit the reply button

I installed used grinlers app...I feel good .says I'm clean...I wouldn't go out to get something that grinler posted for us to use..

I probably should've done that

So, we've got one so far(because I'm guessing Grinlers app just repackages the unofficial patch???

Or did grinlers utility just unregister the thingy(that's a technical term!) that microsoft said to unregister?? Shame on me for not having the time to fully read up on this - it's been a busy week ).

Anyone else?

Ilfak's patch was pushed out at my work yesterday, surprisingly as they are usually cautious to the point of inertia about new technologies (it was only a few years ago I was still supporting some OS2 machines *cough*), and it promptly broke $Major_Marketing_App and had to be removed from the pcs which use that (luckily only a few). The push has been left running, though, so I guess the PHB's have decided the risk of breaking a few apps is the lesser of two evils (and considering the ad and junkware littered websites many of our users insist on frequenting, I have to agree).

I would have no qualms about installing Ilfak's patch on my home Windows XP machine, but I also have no motivation to do so. I can keep "Lazarus" offline until MS comes out with their patch, while "Velma" (my Cube), "Precious" (my Powerbook), and I watch the show from the safety of OSX.

I have not installed Ilfak's patch, but only because I run ME. If I was able to I would.

He is an admired member in the tech community. As a matter of fact his site was down this past Wednesday, citing bandwidth issues.
There lies your answer BanditFlyer.
Also, the SANS Institute's Internet Storm Center recommends applying the patch, so....
An informative read: http://www.informationweek.com/software/sh...cleID=175801150
Excerpt:

Quote

I agree.
Pretty bad when ever a third party has to roll up his sleeves to do what M$ should of been doing all along.

Shame, shame. Shame's thier name.

Hi Scarlett? I have downloaded Ilfaks patch as per Grinler instructions...do Microsoft have theirs out yet then...and will they contact me ie. when i do an update on IE? I have kept Grinlers instructions regarding uninstalling and reinstalling the other...er..thingy he said to do.. sorry...me in blonde mode tonight!! Oh..and Happy New Year too...x

oops...just looked around and seen that Microsoft have indeedy released theirs today and have uninstalled Ilfaks patch and did the DLL thingy..(love my knowledge of computer speak I do!!)so apologies...should read more!!

I asked on another forum if anyone was considering installing Ilfak's patch rather than the Microsoft one, permanently. I'm frankly on the fence as to which I feel more comfortable "trusting"...but I'll admit at this point I'm leaning in the former direction. A well respected programmer really pouring his all into his code and inviting everyone to check it out sways me more than a monopoly corporation scrambling to save face.

Now that MS has been goaded into doing what it should have done in the first place, namely issueing a patch to a major security vulnerability in a timely manner, this question is rather moot.

All Windows users owe Ilfak an immense thanks both for his concern over the vulnerabilty, and by publishing it, his forcing MS to take some action. I also note that several commentators have also raised the question about MS's sluggishness after Ilfak published his solution.

Regards,
John

Quote

Full interview here:
http://news.com.com/Beating+Microsoft+to+t....html?tag=carsl

Microshaft probably pinched his to get their's out faster... IMHO

Thank you Ilfak Guilfanov for your selfless efforts I owe you a dinner

jgweed, on Jan 5 2006, 08:12 PM, said:

It's now history, isn't it? But for the record and the poll, I installed Ilfak's patch the day it came out. It installed well, It had CLEAR instruction about installing, uninstalling, and then after MS decided to slooooooooooooooowly follow suit of one HERO TO US all, it uninstalled cleanly. (I did not do the DLL tweaking, Ilfak explained it wasn't too good)

THANK YOU, ILFAK!! Way to go. Keep at it.

Hey, moderators, perhaps we should send this thread to Ilfak