Experts Clash Over Third Party Windows Metafile Patch

Security experts can't agree on what to do about the growing number of zero-day exploits assaulting Windows PCs.

While some security experts urged users Wednesday to apply an unsanctioned, third-party patch to block the growing number of attacks against the Windows Metafile (WMF) bug, others -- Microsoft included -- said that was a very bad idea.

The controversy swirls around whether to apply a hotfix created by Ilfak Guilfanov, a reverse-engineering guru best known for his Interactive Disassembler Pro (IDA) software. Guilfanov's patch, which is hosted on several sites, blocks WMF exploits by setting gdi32.dll's Escape() function so that it ignores any call using the SETABORTPROC parameter. Security Pipeline | Experts Clash Over Third-Party Windows Metafile Patch

Linked by shanmuga Thursday, 5th January 2006 4:14AM