Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Patches VML Vulnerability

Posted by ryuzaki0 on from the not-a-moment-too-soon dept.

Uncle Rummy writes, "Microsoft has quietly released an official patch for the zero-day VML vulnerability. The patch was publicly available yesterday, But Microsoft has just added it to the Security Bulletin Index." Eight days from time of first report to patch is pretty fast for Microsoft, and is almost two weeks ahead of their normal patch schedule. This security flaw was being aggressively exploited out in the wild.

5 of 130 comments (clear)

  1. this patch was released before patch day? by jimstapleton · · Score: 5, Funny

    How did it affect DRM such that it encouraged MS to do this?

    --
    34486853790
    Connection too slow for X forwarding? Try "ssh -CX user@host"
  2. Vendor Reviews... by kf4lhp · · Score: 3, Funny

    Now to see how long it takes my vendors to say "OK, you can safely apply this patch."

  3. Microsoft Patches IE Browser Flaw by RR074862 · · Score: 2, Funny

    The Internet Explorer patch was released early because Microsoft was concerned of the critical risk to users. The vulnerability involves the way that the browser handles Vector Markup Language (VML) graphics. Malicious hackers can exploit the flaw by creating a Web page that can download spyware or keyloggers onto a user's system.

  4. Re:Maybe they should have tested it more... by BadAnalogyGuy · · Score: 3, Funny

    Back out that change, install Firefox, and go and sin no more.

  5. Change the icon please by 140Mandak262Jamuna · · Score: 2, Funny

    MSFT fixes a bug. Then it fixes the patch. Patches the patch. So is that dead bug a good choice as an icon? Please change it to phoenix bird. It is supposed to die and come back alive from its ashes.

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact