here's a few unofficial patches that i found. however, since they are unofficial, things could be messed up, so i reccomend you just wait for the official one...
I suggest you read the info at SANS:
http://isc.sans.org/diary.php?date=2006-01-01
and at SunbeltBLOG:
http://sunbeltblog.blogspot.com/ there are several posts about it.
SANS and Sunbelt are highly recommending this unofficial patch until Microsoft releases an official fix.
The patch can be downloaded here:
http://www.hexblog.com/2005/12/wmf_vuln.html
More info there as well.
Please feel free to copy this information to other forums and sites.
I spent a couple of hours testing the patch tonight on VMware, and in my tests, it did work. There is also a test to check your machine from the developer of the patch.
http://www.hexblog.com/2006/01/wmf_v...cker.html#more
I urge everyone to check this out and install the patch after you read all the information.
Reply With Quote