Microsoft to release “official” WMF patch – TODAY [updated]

for whatever reason (i wonder… .. … ….. ..) microsoft decided to release the “official” wmf patch today, ahead of schedule:

we will see how it differs from ilfak’s.

but as a friend said.. there are still 2 critical vulnerabilities to be released next black tuesday.

[updates] from matthew murphy:

according to my msrc source, the patch has hit wu now. the bulletin is
up as we speak:

my tests indicate the updates are up as well:

windows 2000 sp4

windows xp sp1/sp2

windows xp x64 edition

windows server 2003

windows server 2003 for itanium

windows server 2003 x64 edition

there is *no patch* for windows 98, windows 98 se, or windows me at this

a quick study of the bulletin reveals this from the faq:

“specifically, the change introduced to address this vulnerability
removes the support for the setabortproc record type from the
meta_escape record in a wmf image. this update does not remove support
for abortproc functions registered by application setabortproc() api calls.”

so, iow, it’s the same functionality as in ilfak’s patch, minus the hook.

gadi evron,