Extremely critical bug found in Windows

Posted on Wednesday, Dec 28 2005 @ 21:57 CET by Thomas De Maesschalck
Security firm Secunia reports a new extremely critical vulnerability has been found in Microsoft Windows which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an error in the handling of corrupted Windows Metafile files (".wmf"). This can be exploited to execute arbitrary code by tricking a user into opening a malicious ".wmf" file in "Windows Picture and Fax Viewer" or previewing a malicious ".wmf" file in explorer (i.e. selecting the file). This can also be exploited automatically when a user visits a malicious web site using Microsoft Internet Explorer.
A fully patched Windows XP SP2 system is vulnerable and Windows XP SP1 and Microsoft Windows Server 2003 SP0 / SP1 are also affected. Other platforms may also be affected.

It's advised not to open untrusted .wmf files and set security level to "High" in Microsoft Internet Explorer.


About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.



Loading Comments