Powersellersunite Power Sellers Unite
Bringing Buyers and Sellers Together
 

Critical Flaw Detected in Windows Metafile
Click here to go to the original topic

 
       Power Sellers Unite Forum Index -> Webmasters and Programmers technical help.
::  
Author Message
lotsofgoodstuff



Joined: 02 Jun 2005
Posts: 282
Location: CA
Posted: Fri Dec 30, 2005 12:20 pm    Post subject: Critical Flaw Detected in Windows Metafile  
Critical Flaw Detected in Windows Metafile


A vulnerability has been discovered in Microsoft Windows that allows hackers to remotely access PCs and install malware through an imaging-handling technology in the operating system.

Microsoft acknowledged the release of exploit code that could allow an attacker to execute arbitrary code when someone visits a Web site that contains a specially crafted Windows Metafile (WMF) image. Security authority Secunia labeled the vulnerability "extremely critical."

Malicious Graphics Files

WMF images are graphical files that can contain both vector and bitmap-based picture information. Microsoft Windows contains routines for displaying such files, but a lack of input validation in one of these routines may allow a buffer overflow to occur, which in turn may allow remote code execution.

The vulnerability can also be triggered from the Internet Explorer browser if the malicious file has been saved to a folder and renamed to other image file extensions such as ".jpg," ".gif," ".tif," and ".png." It has been detected on a patched system running Microsoft
Windows XP SP2. Microsoft Windows XP SP1 and Microsoft Windows Server 2003 systems also are affected.

more ..
http://news.yahoo.com/s/nf/20051229/tc_nf/40530
Back to top  
 
       Power Sellers Unite Forum Index -> Webmasters and Programmers technical help.
Page 1 of 1




Powered by phpBB © 2001, 2002 phpBB Group