Monday, January 09, 2006

Update for Microsoft Windows Metafile Vulnerability

Original release date: January 5, 2006
Last revised: --
Source: US-CERT


Systems Affected
* Systems running Microsoft Windows

Overview
Microsoft Security Bulletin MS06-001 contains an update to fix a
vulnerability in the way Microsoft Windows handles images in the
Windows Metafile (WMF) format.

I. Description
TA05-362A describes a vulnerability in the way Microsoft Windows
handles Windows Metafile images. This vulnerability could allow a
remote attacker to execute arbitrary code. Microsoft Security Bulletin
MS06-001 contains an update to fix this vulnerability.
The vulnerability is described in further detail in VU#181038.

II. Impact
A remote, unauthenticated attacker may be able to execute arbitrary
code if the user is persuaded to view a specially crafted Windows
Metafile.

III. Solution
Apply a patch from your vendor
Install the appropriate update according to Microsoft Security
Bulletin MS06-001.

No comments:

There was an error in this gadget