Follow us on Twitter
Follow us on FacebookBeating Microsoft to the punch
@ 2006/01/05In a rare move, security experts at the SANS Institute's Internet Storm Center and at F-Secure are advising people to download Guilfanov's patch, which aims to fix a flaw in the Windows Meta File.
This vulnerability has spawned a torrent of exploits that seek to take advantage of the wait while Microsoft works on its own patch. The software company has said it will release a WMF patch on Jan. 10, as part of its monthly security update cycle. That would come 14 days after the flaw was first publicly disclosed.
People eager to download the unofficial patch inundated Guilfanov's personal Web site, which had to be temporarily shut down as a result. He has since reduced his home page to its bare minimum.
In this case, Guilfanov, a senior developer at DataRescue in Liege, Belgium, has gained the trust of security companies, which usually are reluctant to suggest that customers use a patch from someone other than the original maker of the software.
This vulnerability has spawned a torrent of exploits that seek to take advantage of the wait while Microsoft works on its own patch. The software company has said it will release a WMF patch on Jan. 10, as part of its monthly security update cycle. That would come 14 days after the flaw was first publicly disclosed.
People eager to download the unofficial patch inundated Guilfanov's personal Web site, which had to be temporarily shut down as a result. He has since reduced his home page to its bare minimum.
In this case, Guilfanov, a senior developer at DataRescue in Liege, Belgium, has gained the trust of security companies, which usually are reluctant to suggest that customers use a patch from someone other than the original maker of the software.
