Our website would like to use cookies to store information on your computer. You may delete and block all cookies from this site, but parts of the site will not work as a result. Find out more about how we use cookies.

Login or Register

Powered by
Powered by Novacaster
 
CERT Advisory re Windows Metafile exploit
by Simon at 09:37 29/12/05 (Forum::Technical Advice::General)
"Microsoft Windows is vulnerable to remote code execution via an error in handling files using the Windows Metafile image format. Exploit code has been publicly posted and used to successfully attack fully-patched Windows XP SP2 systems. However, other versions of the the Windows operating system may be at risk as well."

... says CERT in a bulletin this morning.

Full announcement

Updates will be available here

Given the widespread use of HTML in email, I think this is probably a vector for attack that's going to be pretty successful.

--
simon

<< Wanted: Someone cleverer than ... OK I give up >>
View Comments (Flat Mode) Printer Version
CERT Advisory re Windows Metaf... Simon - 29/12
    Re: CERT Advisory re Windows M... Simon - 29/12
       Re: CERT Advisory re Windows M... Simon - 2/01
          F-Secure Blog and Washington P... Simon - 2/01
    Patch is out (Re: CERT Advisor... Simon - 6/01