Educause Security Discussion mailing list archives
Re: WMF patch released
From: Todd Kisida <tkisida () DCP UFL EDU>
Date: Thu, 5 Jan 2006 16:20:30 -0500
The SANS recommendation is to leave unofficial patch till the officail patch is on. I'm going to try this on a few machines then aprove it via WSUS. 1. Reboot your system to clear any vulnerable files from memory 2. Download and apply the new patch 3. Reboot 4. Uninstall the unofficial patch, by using Add/Remove Programs on single systems. If you used msi to install the patch on multiple machines you can uninstall it with this: msiexec.exe /X{E1CDC5B0-7AFB-11DA-8CD6-0800200C9A66} /qn 5. Re-register the .dll if you previously unregistered it (use the same command but without the "-u"): regsvr32 %windir%\system32\shimgvw.dll 6. Reboot one more time just for good measure
-----Original Message----- From: Jeni Li [mailto:jeni.li () ASU EDU] Sent: Thursday, January 05, 2006 3:57 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] WMF patch released A question came up from one of our desktop managers -- Has anyone found or discovered any info related to the consequences of applying the official update with Ilfak's unofficial fix still installed? I know sans is recommending uninstalling the unofficial fix first, but with the way AD timings and WSUS timings work, the only way to really guarantee that it happens in that order is to leave all of your machines unprotected from all fixes for a considerable amount of time (undeploy Ilfak's msi, wait a day or so, then approve the MS fix via WSUS. Jeni Li Web/Systems Administrator Arizona State University, at the Polytechnic campus-----Original Message----- From: Doug Pearson [mailto:dodpears () INDIANA EDU] Sent: Thursday, January 05, 2006 1:52 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] WMF patch released The link ...advance.mspx still (3:45 EST) doesn't have web-download link to the fix - says that will be made available at 2:00pPST. Butthe fix can be web-downloaded at: http://www.microsoft.com/technet/security/Bulletin/MS06-001.mspx At 03:25 PM 1/5/2006 -0500, David LaPorte wrote:Microsoft has released the patch early. I was able to pull it via Windows Update: http://www.microsoft.com/technet/security/bulletin/advance.mspx David -- David LaPorte, CISSP, CCNP Security Manager, Network and Server Systems Harvard University Information Systems ----------------------------------------------- Email: david_laporte () harvard edu PGP: 0x4DC3E508 4A1F058DB2B32FEF10A14F6BD370A6AD4DC3E508
Current thread:
- WMF patch released David LaPorte (Jan 05)
- <Possible follow-ups>
- Re: WMF patch released Sadler, Connie (Jan 05)
- Re: WMF patch released Doug Pearson (Jan 05)
- Re: WMF patch released Jeni Li (Jan 05)
- Re: WMF patch released Theodore Pham (Jan 05)
- Re: WMF patch released Todd Kisida (Jan 05)
- Re: WMF patch released Ken Connelly (Jan 05)