I’m a little slow today.  But this is a serious vulnerability.  Get patched ASAP.  The patch is here.  

eEye originally reported this vulnerability.  Here is the security bulletin from Full Disclosure

Windows Metafile SetPalette Entries Heap OVerflow Vulnerability (Graphics Rendering Engine Vulnerability)

Release Date:
November 8, 2005

Date Reported:
September 1, 2005

High (Code Execution)


Systems Affected:
Windows 2000
Windows XP SP0, SP1
Windows Server 2003 SP0

eEye Digital Security has discovered a vulnerability in the way the Windows Graphical Device Interface (GDI) processes Windows Metafile (WMF) format image files that would allow arbitrary code execution as a user who attempts to view a malicious image.  An attacker could send such a metafile to a victim of his choice over any of a variety of attack vectors, including an HTML e-mail, a link to a web page, a metafile-bearing Microsoft Office document, or a chat message.

The eEye link  is here.

Catherine has more here too.  Brian Krebs is also on it.


Alex Eckelberry
(Thanks Eric S.)


Get your free 30-day GFI LanGuard trial

Get immediate results. Identify where you’re vulnerable with your first scan on your first day of a 30-day trial. Take the necessary steps to fix all issues.