Three new security flaws affecting Windows have been reported today, with a patch available from Microsoft, related to the handling of images being displayed. Two of them are listed as Critical, while the third is not so severe. This is the patch that Microsoft stated was for release this week, so it comes as not too much of a surprise. The scope in general seems to be limited considering the formats involved.
”The vulnerabilities relate to how the operating system renders the Windows Metafile (WMF) and Enhanced Metafile (EMF) image formats, Microsoft said Tuesday in its MS05-053 security bulletin. Two of them could allow a remote intruder to gain complete control over a Windows PC, Microsoft warned in the bulletin, the sole one in its monthly patch cycle.”
The exploit affects Windows 2000 and Windows XP SP1 among others, but a Service Pack 2 machine and a 2003 SP1 machine would be immune. Yet another reason to keep your machine updated and with the latest service pack.