In a security bulletin just published, Microsoft announces out-of-cycle release of patch to fix the recently discovered, and published, WMF file exploit (http://www.websensesecuritylabs.com/alerts/alert.php?AlertID=385 )
The security update will be available at 2:00 pm PT as MS06-001. Enterprise customers who are using Windows Server Update Services will receive the update automatically. In additional the update is supported Microsoft Baseline Security Analyzer 2.0, Systems Management Server, and Software Update Services. Enterprise customers can also manually download the update from the Download Center. Microsoft will hold a special Web cast on Friday, January 6, 2006, to provide technical details on the MS06-001 and to answer questions. Registration details will be available at http://www.microsoft.com/technet/security/default.mspx.
Time to fire up a manual update after that time. Thankfully I'm running WSUS at work, which should take care of this automatically.
0 Comments so far