http://www.frsirt.com/english/advisories/2005/3086

Microsoft won't have a fix out for it until Tuesday.

[QUOTE=302_plus_a_few]http://www.frsirt.com/english/advisories/2005/3086

Microsoft won't have a fix out for it until Tuesday.[/QUOTE]

If then, sorry bastards.... But there IS a working, tested unofficial patch for W2K and XP:

http://handlers.dshield.org/jullrich/wmffaq.html

No patch for Win98; M$ not expected to provide one. You're not still running 98 are you???? :eek:

The link, about halfway down the page, will open a d/l for

WMFFIX_HEXBLOGXX.EXE where XX is a number (currently 14). D/l it, run it, restart.

As Brian Livingston says (www.windowssecrets.com), don't worry about unregistering the .DLL, cause malware could re-register it anyhow. The patch dynamically blocks the exploit in memory.

I've applied this to my own computers & provided it to my clients. The patch is safe.