It took roughly 2 days after McAfee disclosed the ANI exploit for eEye to release a patch, then just 1 day for jamikazu to show the PoC that by bypass this patch ;)

It took roughly 3 days for ZERT to release this patch for ANI.

... and today finally after more than 3 months M$ released this damn patch MS07-017 , 6 days after McAfee reported the finding of the exploit in the wild, and still they have to courage to say (...threat for attacks against this vulnerability to increase although we haven’t seen anything widespread... )

Yes, not all windows machines in the world are compromised, but not thanks to you! thanks to other security vendors...

I dont follow M$ patch releases religiously, but I think this is the first time they release a patch out of the usual second Tuesday of every month (?)... I never quite understood when M$ patches will be released as personally I want to have the patch asap, sometimes I have the feeling that time passes slower when waiting for M$ patch...

I guess the moral of the story is: dont hold your breath waiting for patch whenever there is a critically vulnerability in M$ products...

PS: While others scrambled running for cover.. McAfee immediately released the DAT file & IPS SigSet to protect against exploit, I think they did it in less than 1 day :)
UPDATE: Websense begs to differ: Large scale compromise with ANI exploit code
UPDATE2: Kaspersky confirmed that ASUS website was compromised and an iframe added which leads to the recent ANI exploit. It is a big deal, but I am not surprised :(

Labels: security