We use PHP on windows in our desktop applications that is installed on our client boxes. Some of our clients have been chasing us as they found some security loop holes in our application during security audits at their end. The main being the PHP security issue on windows: CVE-2007-5653(The COM functions in PHP 5.x on Windows do not follow safe_mode and disable_functions restrictions).
I went through the PHP5 change log list and could not locate any version which mentioned having a fix for the issue. Would like to confirm, in case I have missed while going through the big list and if there is no fix yet is there a workaround this.