[Ernest_at_the_Beach]

fyi

[ShadowAce]

[js1138]

I notice that any machine using an AMD64 CPU is not vulnerable to this or to any similar exploit. This is probably true of Intel 64 bit enabled chips also.

[zeugma]

Not all computers are vulnerable to the WMF threat: those running non-Windows operating systems are not affected.

Sometimes it pays to be different.

Actually, it pays almost all the time in this case.

[antiRepublicrat]

No, Microsoft never sits on a patch, or so the cheerleaders here tell us.

[backhoe]

I have some links handy ( rummaging around old files hastily )...

John's Note:

I tried this-- seems OK on Win 2K:

Here's an update to the unofficial fix posted above. The folks at sans.org have taken the patch apart and modified it to work on WIN2K systems.. It's running on my system with no apparent ill effects. I'll be patching the other computers in the house shortly. The upshot is this: You cannot wait for the official MS patch, you cannot block this one at the border, and you cannot leave your systems unprotected.

----------------------------------------------------------------------------------------

New exploit released for the WMF vulnerability - YELLOW (NEW)

Sites exploit Windows image flaw (New attacks for pc users)

Windows Security Flaw Is 'Severe'

For video players that can handle other formats, give your friends these links -

www.videolan.org

www.divx.com

Subnote: V-lan works fine on my home machines- others I know swear it "hosed my codecs"- so be advised I provide that and other links on a "use with caution" basis.