Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Microsoft Releases Metafile Patch Early

Microsoft released the patch for the zero-day Metafile vulnerability on Thursday, five days ahead of its previously-announced schedule. The fix was pushed to customers via the Redmond, Wash.-based developer's regular update services around 1 p.m. PST, 4 p.m. EST.

The security update, labeled MS06-001, has been in development and testing since soon after the Windows bug was made public last week. By Wednesday, there were indications from Microsoft and others that the patch was close to release.

"The development and testing teams have put forth a considerable effort to respond to the strong customer sentiment that the release should be made available as soon as possible," a Microsoft spokesperson said Thursday afternoon. "As a result the testing process has been completed earlier than expected and the security update is ready for release today."

Earlier, Microsoft had said that it would release the hot fix ahead of schedule -- or out-of-cycle, as the company calls it -- if it detected an uptake in the number or pattern of exploits that have been attacking Windows PCs via malicious and compromised Web sites. In a supporting statement Thursday, the company denied that was now the case.

"Microsoft’s monitoring of attack data continues to indicate that the attacks are limited and are being mitigated both by Microsoft’s efforts to shut down malicious Web sites and with up-to-date signatures form anti-virus companies," the online statement read.

  • 1