CERT Advisory re Windows Metafile exploit
by Simon at 09:37 29/12/05 (Forum::Technical Advice::General)
"Microsoft Windows is vulnerable to remote code execution via an error in handling files using the Windows Metafile image format. Exploit code has been publicly posted and used to successfully attack fully-patched Windows XP SP2 systems. However, other versions of the the Windows operating system may be at risk as well."

... says CERT in a bulletin this morning.

Full announcement

Updates will be available here

Given the widespread use of HTML in email, I think this is probably a vector for attack that's going to be pretty successful.

--
simon

<< Wanted: Someone cleverer than ... OK I give up >>
Powered by
Powered by Novacaster