Microsoft Windows WMF Handling Arbitrary Code Execution
- 0
- Add a Comment
- No Related Post
A vulnerability has been discovered in Microsoft Windows [XP and 2003 Sever], which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an error in the handling of corrupted Windows Metafile files (”.wmf”). This can be exploited to execute arbitrary code by tricking a user into opening a malicious “.wmf” file in “Windows Picture and Fax Viewer” or previewing a malicious “.wmf” file in Explorer (i.e. selecting the file). This can also be exploited automatically when a user visits a malicious Web site using Microsoft Internet Explorer.
NOTE: Exploit code is publicly available. This is being exploited in the wild.
The vulnerability has been confirmed on a fully patched system running Microsoft Windows XP SP2. Microsoft Windows XP SP1 and Microsoft Windows Server 2003 SP0 / SP1 are reportedly also affected. Other platforms may also be affected.
Solution: Do not open or preview untrusted “.wmf” files and set security level to “High” in Microsoft Internet Explorer.
[Continue reading Secunia Advisory SA18255]
[tags]internet explorer,secunia advisory sa18255,exploit,metafile,malicious web site[/tags]