As of today the recently-discovered serious “zero-day vulnerability” in Windows is still unpatched. I just checked Windows Update and was told “no high priority updates for your computer are available.”
What gives, Microsoft? Are all of your programmers still on Christmas break? On December 28 the f-secure weblog said “We expect Microsoft to issue a patch on this as soon as they can.”
A day later Microsoft issues a work-around until the patch is released (see the Dec. 29 posting on the link above). That’s great for people willing and able to mess around with the Windows registry, but for the unwashed computer-using masses like me…
Microsoft is fiddling while Windows burns.
Fortunately, I’m a Firefox user. I just converted my wife’s computer to Firefox also. The Windows vulnerability occurs when a .wmf graphics file is clicked on. Then different things happen in Internet Explorer and Firefox:
Users of Microsoft Internet Explorer are automatically infected when they visit a Web page hosting an infected image. Firefox will first ask the user before opening the file. If the user approves, he will still be infected.
So switch to Firefox if you haven’t already. Comply with the work-around if you’re stubbornly still using Internet Explorer. And just to be safe, it’s probably wise to not visit any unfamiliar web sites until Microsoft fixes this Windows vulnerability.
Oh, there’s another option: buy a Macintosh (I mention this so my sister won’t have to leave a comment saying the same thing).