Leo Laporte and Steve Gibson Security Now! with Steve Gibson, Episode 21 covers the worst Windows vulnerability yet and we interview the author of the first patch, Ilfak Guilanov. Main feed - courtesy AOL Radio As we've told you in the past two editions of Security Now! there's a very serious security flaw in all versions of Windows. This hole takes advantage of poor design choice in the Windows metafile interpreter and can be exploited by a malicious web site or by email attachments. There are hundreds of malicious sites out there right now that take advantage of this vulnerability. Microsoft pushed a fix for Windows XP and 2000 today - so run Windows update. There is no fix yet for Windows 95/98/Me but Steve has committed to writing one if it appears to be necessary. In this episode we talk about the vulnerability and interview the creator of the first patch for it, Ilfak Guilanov. According to Steve's analysis, Microsoft is using Ilfak's technique in its own patch. For more details visit grc.com. Steve also hosts transcripts, show notes, and a 16kbps version of the show for the bandwidth impaired at grc.com. <!--break-->