A vulnerability has been discovered in Microsoft Windows [XP and 2003 Sever], which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to an error in the handling of corrupted Windows Metafile files (”.wmf”). This can be exploited to execute arbitrary code by tricking a user into opening a malicious “.wmf” file in “Windows Picture and Fax Viewer” or previewing a malicious “.wmf” file in Explorer (i.e. selecting the file). This can also be exploited automatically when a user visits a malicious Web site using Microsoft Internet Explorer.

NOTE: Exploit code is publicly available. This is being exploited in the wild.

The vulnerability has been confirmed on a fully patched system running Microsoft Windows XP SP2. Microsoft Windows XP SP1 and Microsoft Windows Server 2003 SP0 / SP1 are reportedly also affected. Other platforms may also be affected.

Solution: Do not open or preview untrusted “.wmf” files and set security level to “High” in Microsoft Internet Explorer.

[Continue reading Secunia Advisory SA18255]

[tags]internet explorer,secunia advisory sa18255,exploit,metafile,malicious web site[/tags]