New lot of WMF flaws found

By Derek Sooman on
Only days after Microsoft released a patch to deal with the Windows Metafile vulnerability, it has been revealed that at least two additional flaws have been discovered in the way Windows handles Metafiles. One was posted to the Bugtraq mailing list yesterday, with proof-of-concept exploit code appearing not long after. According to Microsoft, this can be used to cause a denial-of-service crash.

"As it turns out, these crashes are not exploitable but are instead Windows performance issues that could cause some WMF applications to unexpectedly exit. These issues do not allow an attacker to run code or crash the operating system. They may cause the WMF application to crash, in which case the user may restart the application and resume activity," said Lennart Wistrand, lead security program manager in the MSRC (Microsoft Security Response Center).

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.