Source:
A fix is coming next year in SP3; Vista, Server 2003 and Server 2008 immune
Oh!!! OK Microsoft… no rush, we can wait till 2010 if you want… what 2010 ?!! We can wait forever no big deal… >:(
well SP3 RC1 is available already for testers …
Thanks for the info. and the link SasH. Sent an email to Microsoft on my feelings about this. I really don’t expect a response…just felt the need to send it anyway. ;D
If you read over the article though it states that to exploit this the attacker must already have control over your PC (with administrative rights). If that’s the case I think there is a lot more they could do then just exploit this, which is why MS doesn’t consider it a security threat.