10 Quotes by Mike Reavey

We felt it was in the best interest of our customers to not release this update until it undergoes further testing.

Our information at this time leads us to believe that this is having little to no impact on corporate networks.

There has been some discussion and pointers on subsequent sites to the pre-release code. We recommend that customers disregard the postings and continue keep up-to-date with our latest information on the WMF issue.

Yes we are aware of some of the information floating around about problems after installing the MS05-051 update on Windows 2000 systems.

Those three things will help defend against most broad-based attacks. Certainly more consumers out there need to see that message.

We cannot recommend third party solutions that modify the way the product itself operates. The reason is really around the fact that we carefully review and test our security updates to ensure that they are of high quality and have been evaluated thoroughly for application compatibility.

This situation is fairly limited in the number of customers who have reported it, but we wanted to make sure people were aware we had guidance on it. We're still keeping an eye out for public exploit code for MS05-051 and have not seen any as yet. We'll be watching through the weekend, so if anything changes that you need to know about we'll update you.

As is our normal practice for security bulletins, we document the existence of any additional defense in depth product behavioral changes, as well as the area of functionality where the change occurred so that customers can assess the impact to their environments. However, providing more detail on internal product changes could serve to aid attackers.

Customers of course can weigh the risk of deploying a third party 'patch' but it's unclear what impact this will have on the system.