December 2005
Exploitation of unpatched vulnerability in Windows Metafile (Update)
ID: 01142
Ref: 1074/05
Date: 30 December 2005:14:26:39
Version: 1
Title: Exploitation of unpatched vulnerability in Windows Metafile (Update)
Abstract:
Vendors affected: Microsoft
Operating systems affected: Microsoft
Applications affected: Microsoft
This briefing is an update to UNIRAS brief 1070/05 issued on 28 December 2005.
There are reports of active exploitation of a vulnerability in the graphics rendering engine within the Microsoft Windows. The Windows Picture and Fax Viewer is used to view Windows Meta Files (WMF).
Additional information and mitigation regarding this vulnerability is now available from
http://www.microsoft.com/technet/security/advisory/912840.mspx
This page contains a suggested workaround (Suggested Actions -> Workarounds) which disables Windows Picture and Fax Viewer, until a patch is provided.
Previous mitigation advice continues to apply
- block WMF files in your HTTP and SMTP content checkers
- ensure anti-virus software is fully updated
- exercise caution when clicking on links or emails from untrusted sources
There have been no reports of activity related to this vulnerability from the Uniras community.