Microsoft Media File Vulnerability

Thanks, Paul (we share the same name, Paul is "Paolo" in Italian, BTW )

AFAIK, Microsoft asked Eset to withdraw the patch to avoid any possible issue with the upcoming official patch. Up to now, we didn't get any request from MS, so the patch is still available on our website (I mean, nod32.it).

I want to clarify that I'm the sole author of the patch and that Eset didn't endorse my unofficial patch in any way. I just wrote it for the PCs in my LAN, then when I read that Ilfak released his own unofficial patch I decided to do the same, since Ilfak's patch doesn't work on Win 9x/ME.

Like Ilfak, I also strongly suggest to uninstall the patch as soon as MS will release an official one.

ciao,
Paolo.

 

Paolo (Paul ),

Thanks for the explanation!

Ciao,

Smokey

 

microsoft patch

[COLOR="Blue"]Removed[/COLOR]

tested .. works

Link removed as the official patch hasn't been released yet.

 

Yes interesting question - anyone have an answer?

 

Official MS update released

MS06-001

Glad it's early

 

I still have a question. Since MS is not going to patch 98, 98SE and ME, is our best bet for at least some kind of patch to use Paolo's?

 

For the moment, yes.

I wouldn't be surprised if Microsoft end up rethinking their decision not to patch 98, 98SE and ME. It's just not in their best interests to do so.

 

Sorry but I just dont quite comprehend this. What are we saying that to install this NOD patch I have to re-install a whole new NOD32 AV software to have this protection and than again its only a 30 day trial. What I'm asking here if this is a patch or another NOD32 AV Software with that patch built in and plus why only 30 days, dont we need this patch for good ?

My other question here is do we need to uninstall this patch once the MS patch has been released ?

 

It looks like the patch no longer exists at the press center site, I think you can still download it here:

WMF Patch by Paolo Monti

 

The patch that Paolo Monti has written is not a patch for NOD32, it's a patch for Windows.

We DO need to uninstall ANY other patches for this issue before installing the Microsoft one.
http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx

HTH

 

Where did you find this knowledge? Before and after are both ok I read...

 

Now here's something to confuse me even more. According to Microsoft Security Bulletin MS06-001 there is a patch update for Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919)
Version 1.0 which was publised on January 5, 2006. and can be downloaded here http://www.microsoft.com/downloads/details.aspx?FamilyId=AA9E27BD-CB9A-4EF1-92A3-00FFE7B2AC74

But why is it that when I went to my Windows Update to check for any critical and new updates, this failed to show up and I got a msg that said No critical updates available and yet this site says it was released on Jan 5 2006.

http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx

 

Do you have auto-update enabled? Perhaps it installed without your intervention?

 

I didn't wait for Windows Update to bring the update to me. I went to the link noted at MS and installed it via the downloaded .exe.

I still have a couple of PCs in use that are 98SE and ME and they aren't all running NOD32 (shame on me!) So I was looking for something to help protect them in addition to the AV and learned Paolo had made a patch that runs on these older OS's. For which I am very grateful...

 

Just because M$ release a patch does not mean that they pump it out over Windows Update straight away...

 

That's right. Microsoft's normal Windows Update schedule is to release fixes on the 2nd Tuesday of every month. Guess what will happen on January 10......

 

I got it via automatic update..

 

@NOD32 user: A yes, but that only applies to the Eset-patch and because you said ANY etc.. I btw updated and uninstalled the Ilfak Guilvanof-patch after reboot and all is well. For now. (ps: Ilfak wrote : "It can be uninstalled before or after applying the official patch from the Add/Remove Programs window." )

 

You don't know if any of the patches out there are compatible with the M$ one until you try them or believe somebody who has - it really is up to you if you want to leave them installed or not but doesn't it make a lot more sense to suggest people remove whatever patch they may have to circumvent some unforseen conflict in the future as opposed to suggesting that the Paolo Monti patch is the ONLY one that need be removed first?

 

Yup, me too. I guess Microsoft decided to release it early to the general public. Yay!

 

They did, although I find it abhorrent that Microsoft don't release security patches as soon as they're ready for distribution. I mean who would use an antivirus program that only updated on the 2nd Tuesday of every month?

 

Bill?

 

@NOD32 user: I didn't suggest that. I only wanted to know where you got your information, because I gave the advice I found on hexblog and sans concerning the Ilfak Guilvanof-patch (uninstalling before and after are both ok, only after is safer) to some people and if it was better to uninstall the patch before than after, according to your source, then I could weigh that and maybe change my advice. That's all. ps. my gutfeeling told me before is better, but my brain told me after is indeed safer. The brain won.

 

Nah, he's smart so probably uses NOD32.