CDRInfo Forum CDRInfo Forum

Forums  Register  Login  My Profile  Inbox  Address Book  My Subscription  My Forums 

Photo Gallery  Member List  Search  Calendars  FAQ  Ticket List  Log Out

Windows hit by yet another WMF hole   Logged in as: Guest
Viewers: 729 You can click here to see Today's Posts | Most Active Topics | Posts Since Last Visit
  Printable Version
All Forums >> [News Around The Web] >> Microsoft News >> Windows hit by yet another WMF hole Page: [1]
Message << Older Topic   Newer Topic >>
Windows hit by yet another WMF hole - 2/8/2006 7:06:02 PM   

Posts: 1011
Joined: 8/4/2003
From: Ontario - Canada
Status: offline
Microsoft has issued a warning about a new vulnerability in the Windows Meta File (WMF) image format that affects older versions of Internet Explorer.

The vulnerability exists in IE 5.5 running on Windows 2000 and IE 5.01 on Windows ME.

Users of IE 6 or other Windows versions are not affected by this vulnerability, Microsoft emphasised in a security advisory. Roughly five per cent of the world's computers run IE 5.

While the vulnerability is new, it behaves in a similar way to the WMF flaw that Microsoft was forced to patch last month. The vulnerability could allow an attacker to take control of a system through a specially crafted WMF image posted on a website or sent through a spam email.

Microsoft was forced to publish an out-of-cycle security update in January to plug a first WMF vulnerability that affected all Windows versions. Attackers were actively exploiting the flaw at the time of the Microsoft patch release.

View : Microsoft Security Advisory (913333)

Source : Vnunet
Post #: 1
Page:   [1]
All Forums >> [News Around The Web] >> Microsoft News >> Windows hit by yet another WMF hole Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts

Forum Software © ASPPlayground.NET Advanced Edition 2.4.5 ANSI