Infoworld

MORE ENTRIES

New WMF exploits on the loose

January 09, 2006 | Comments: (0)

New WMF exploits on the loose

New WMF exploits have been posted to the web.

Microsoft Windows Graphics Rendering Engine Multiple Memory Corruption Vulnerabilities
See here and here.

QUOTE: Microsoft Windows WMF graphics rendering engine is affected by multiple memory corruption vulnerabilities. These issues affect the 'ExtCreateRegion' and 'ExtEscape' functions. These problems present themselves when a user views a malicious WMF formatted file containing specially crafted data. Reports indicate that these issues lead to a denial of service condition, however, it is conjectured that arbitrary code execution is possible as well. Any code execution that occurs will be with the privileges of the user viewing a malicious image.
An attacker may gain SYSTEM privileges if an administrator views the malicious file.

Posted by Roger Grimes on January 9, 2006 11:28 AM

RATE THIS ARTICLE:

COMMENTS

TOP STORIES

ADDITIONAL RESOURCES

RESOURCE ALERTS
Receive instant email notification when resources like these become available.

Technology White Papers

InfoWorld Technology Marketplace

Windows Vista: A Cyber Security Shield - Windows Vista incorporates a number of new and enhanced security features that address spyware, security vulnerabilities...
Key Strategies for SOA Testing - Unless you're willing to reorient your testing procedures and technology now, you may find yourself behind the curve as ...
Document Management 2.0 - Web-based Collaboration and the Road to Compliance - Adopting Web-based document management can put organizations in a better position to address constraints and opportunities...
Content Management Integration - The Triumph of the foot soldier - The first Content Management applications addressed common business problems with complex solutions. While they filled a...
Class of Service: Myths and Misconceptions - There has been much discussion about the benefits of CoS; but, there are also common myths, which unless challenged, can...
Factors to consider when comparing DSL or Cable - As the demand for high-speed access increases, businesses are looking for cost-effective connection options for remote workers...

» Technology White Papers Library

Technology White Papers by Topic

Technology White Papers E-mail Alert

Find out when the latest white paper is available:

» BUY A LINK NOW

Sponsored Technology Links

Copyright © 2007, Reprints, Permissions, Licensing, IDG Network, Privacy Policy, Terms of Service.
All Rights reserved. InfoWorld is a leading publisher of technology information and product reviews on topics including viruses,
phishing, worms, firewalls, security, servers, storage, networking, wireless, databases, and web services.