Official Patch
Microsoft released an official patch to address the problem on 5 January 2006. This patch may be applied in lieu of other corrective measures.
The official patch is available for Windows 2000, Windows XP and Microsoft Windows Server 2003. Windows NT 4 and other older operating systems did not receive a patch as they were no longer supported by Microsoft by then. Steve Gibson stated in his Security Now! podcast #20, that his company Gibson Research Corporation would make a patch available for Windows 9x systems if Microsoft did not. After further research, Steve Gibson stated, in a laterSecurity Now! podcast #23, that Windows 9x and ME are not vulnerable and do not need patching. Windows 9x/ME users can run his Mouse Trap utility to see this for themselves.
A free downloadable patch for Windows NT has been provided by Paolo Monti from Future Time, the Italian distributor of Eset's NOD32 anti-virus system. The patch works on older operating systems, but it is supplied without warranty.
There have been reports of the official patch being automatically installed even when Windows Automatic Update is configured to ask before installing automatically downloaded updates. This causes an automatic reboot, which can cause loss of data if the user has a program open with unsaved changes.
Read more about this topic: Windows Metafile Vulnerability
Famous quotes containing the words official and/or patch:
“All official institutions of language are repeating machines: school, sports, advertising, popular songs, news, all continually repeat the same structure, the same meaning, often the same words: the stereotype is a political fact, the major figure of ideology.”
—Roland Barthes (1915–1980)
“Whatever patch of limb
he gazes on
with unblinking eyes,
I cover up
but I want him to see it all anyway.”
—Hla Stavhana (c. 50 A.D.)