Jump to content


NEW WMF threat in Internet Explorer


  • Please log in to reply
No replies to this topic

#1 Neon

Neon

    Karl

  • Members
  • PipPipPipPipPipPip
  • 4,728 posts
  • Country:Space

Posted 13 February 2006 - 12:44 PM

Microsoft has issued a warning about a new vulnerability in the Windows Meta File (WMF) image format that affects older versions of Internet Explorer.

The vulnerability exists in IE 5.5 running on Windows 2000 and IE 5.01 on Windows ME.

Users of IE 6 or other Windows versions are not affected by this vulnerability, Microsoft emphasised in a security advisory. Roughly five per cent of the world's computers run IE 5.

While the vulnerability is new, it behaves in a similar way to the WMF flaw that Microsoft was forced to patch last month.

The vulnerability could allow an attacker to take control of a system through a specially crafted WMF image posted on a website or sent through a spam email.

Microsoft was forced to publish an out-of-cycle security update in January to plug a first WMF vulnerability that affected all Windows versions. Attackers were actively exploiting the flaw at the time of the Microsoft patch release




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users