Thursday, January 05, 2006

Microsoft Releases WMF Patch

It appears that Microsoft has released a patch before it was anticipated next Tuesday. Here it is in Websense's latest bulletin. It appears they (Websense) assisted Microsoft in getting this out!

"This is an informational alert that Microsoft has just released a patch for the WMF vulnerability. Websense® Security Labs™ was acknowledged as a contributor in the bulletin from Microsoft.

http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx

At this time more than 1100 URLs are still actively attempting to exploit users who have not installed the patch. Most attacks are Trojan horse downloaders which update over HTTP and install and run other pieces of malicious code.

Depending on your patch rollout procedures, we still recommend that customers block all URLs that end in .WMF. Customers who have Websense Real-Time Security Updates (RTSU) will be protected automatically with frequent updates to the Security categories throughout the day. Customers who have the Websense Security Premium Group without RTSU will receive updates to these categories once per day.

Additional recommendations are provided in the Detection Methods and Prevention Methods sections of this article."

To view the alert directly from the Websense site, go to: WMF Patch Available from Microsoft.

Looks like we still need to exercise caution (more to come on this), but we can now see the light at the end of the tunnel.

No comments: