As is our normal practice for security bulletins, we document the existence of any additional defense in depth product behavioral changes, as well as the area of functionality where the change occurred so that customers can assess the impact to their environments. However, providing more detail on internal product changes could serve to aid attackers.
Customers of course can weigh the risk of deploying a third party 'patch' but it's unclear what impact this will have on the system.
In our effort to put this security fix on a fast track, a pre-release version of the update was briefly and inadvertently posted on a security community site. There has been some discussion and pointers on subsequent sites to the pre-release code…[but] we recommend that customers disregard the postings.
Our information at this time leads us to believe that this is having little to no impact on corporate networks.
The scope is limited at the moment, but the impact might be that an application could hang when conducting certain operations, like opening a file from the 'File open' dialog in an application.
There has been some discussion and pointers on subsequent sites to the pre-release code. We recommend that customers disregard the postings and continue to keep up-to-date with our latest information on the WMF issue.
This situation is fairly limited in the number of customers who have reported it, but we wanted to make sure people were aware we had guidance on it. We're still keeping an eye out for public exploit code for MS05-051 and have not seen any as yet. We'll be watching through the weekend, so if anything changes that you need to know about we'll update you.
Those three things will help defend against most broad-based attacks. Certainly more consumers out there need to see that message.
We cannot recommend third party solutions that modify the way the product itself operates. The reason is really around the fact that we carefully review and test our security updates to ensure that they are of high quality and have been evaluated thoroughly for application compatibility.
We felt it was in the best interest of our customers to not release this update until it undergoes further testing.
We want to make sure we don't give attackers any [additional] information that could be used against our customers. There is a balance between providing information to assess risk and giving out information that aids attackers.
We're investigating the issue aggressively.
Yes, we are aware of some of the information floating around about problems after installing the MS05-051 update on Windows 2000 systems.