Microsoft warns against unofficial patch
I didn’t exactly expect a parade staged by Microsoft for the writer of the unofficial patch for this WMF vulnerability, but…. eweek tells us that Microsoft says “beware of unofficial WMF patch” It also mentions that behind the scenes Microsoft officials are furious that the threat has been overblown. Personally, I think they’ve downplayed the issue in their recent security bulletin and frankly, I’ve seen quite a bit of overblown hype. (*virus threatens every windows os shipped since 1990…)
My respect for the maturity of people within Microsoft would be that much higher if someone would come out and say something like….
“We’re developing a patch. We appreciate the work of outside experts in the quick development of an unofficial patch. We obviously can’t recommend it as we have not tested it, but if you are in a situation where you feel that you cannot wait for the official patch, please take whatever measures needed to protect your computers and your networks. The official patch will be out as soon as it’s ready and tested, if that means releasing Monday instead of Tuesday, or tomorrow, so be it, as soon as it’s ready. We have ### people working on the issue right now.”
Don’t hold your breath….