Our website would like to use cookies to store information on your computer. You may delete and block all cookies from this site, but parts of the site will not work as a result. Find out more about how we use cookies.

Login or Register

Powered by
Powered by Novacaster
CERT Advisory re Windows Metafile exploit
by Simon at 09:37 29/12/05 (Forum::Technical Advice::General)
"Microsoft Windows is vulnerable to remote code execution via an error in handling files using the Windows Metafile image format. Exploit code has been publicly posted and used to successfully attack fully-patched Windows XP SP2 systems. However, other versions of the the Windows operating system may be at risk as well."

... says CERT in a bulletin this morning.

Full announcement

Updates will be available here

Given the widespread use of HTML in email, I think this is probably a vector for attack that's going to be pretty successful.


<< Wanted: Someone cleverer than ... OK I give up >>
View Comments (Threaded Mode) Printer Version
CERT Advisory re Windows Metafile exploit Simon - 09:37 29/12/05
Re: CERT Advisory re Windows Metafile exploit Simon - 10:44 29/12/05
More info here (Google Groups).
Re: CERT Advisory re Windows Metafile exploit Simon - 16:45 02/01/06
Video of exploit in action.


F-Secure Blog and Washington Post article, plus a patch Simon - 17:23 02/01/06


... there's an unofficial hotfix (that patches at a very low level) recommended:



Patch is out (Re: CERT Advisory re Windows Metafile exploit) Simon - 10:12 06/01/06
The official MS patch for the exploit is apparently now available.