Microsoft Windows Metafile Vulnerability

Systems Affected

• Microsoft Windows

Overview

Microsoft has released an update that addresses a critical vulnerability in Windows Metafile images.

Solution

Apply Updates

Microsoft has released a security update for a Windows Metafile image vulnerability. To obtain the update, visit the Microsoft Update web site. US-CERT also recommends enabling Automatic Updates.

Description

Microsoft Security Bulletin MS06-001 addresses a vulnerability in Windows Metafile (WMF) images. This vulnerability may allow an attacker to take control of your computer or cause it to crash. For more technical information, see US-CERT Technical Cyber Security Alert TA06-006A.

References

• US-CERT Technical Cyber Security Alert TA06-005A - <http://www.us-cert.gov/cas/techalerts/TA06-005A.html>
• US-CERT Vulnerability Note VU#181038 - <http://www.kb.cert.org/vuls/id/181038>
• Microsoft Security Bulletin Summary for January 2006 - <http://www.microsoft.com/technet/security/bulletin/ms06-jan.mspx>
• Microsoft Security Bulletin MS06-001 - <http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx>
• Microsoft Update - <https://update.microsoft.com/microsoftupdate/>
• Security Essentials - <http://www.microsoft.com/athome/security/protect/default.aspx>

Feedback can be directed to the US-CERT Technical Staff.

Produced 2006 by US-CERT, a government organization. Terms of use

Revision History

January 5, 2006: Initial release