ALERT! New Windows Metafile Vulnerability Identified

Security researchers report that viewing a Windows Metafile (WMF) image file may expose selected Windows operating systems (Windows 2000, Windows XP, Windows Server 2003, Windows 98 and ME) to a serious security vulnerability. The vulnerability could be triggered by opening an infected email image attachment or by viewing an infected Web page. A file indexing utility, such as Google Desktop, could also initiate the infection by indexing an infected file. An infected image may be delivered under common image file extensions, including wmf, jpg, gif and tif. Once a computer is infected, a remote attacker could gain control of the computer. Microsoft has not released a patch for this vulnerability as of the date of this alert.

This vulnerability is particularly dangerous, as programs to create infected files have been released to the Internet. The malicious image files can be easily created and made part of a spam email or an inviting Web page.

While a Windows patch is unavailable, there is a temporary workaround for this vulnerability on Windows XP (SP1 and SP2), Windows Server 2003 and Windows Server 2003 (SP1). Information and instructions for the workaround are given in the Microsoft advisory listed under References below. It is recommended that the workaround be applied for now and removed after the Microsoft patch for this WMF vulnerability has been installed.
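Because an infected image may carry a jpg, gif or tif extension as well as wmf, filtering by file name alone will miss it. The following Python script is an added example, not part of the original alert or of any vendor tooling: it flags image-named files whose header is WMF regardless of extension. The header constants follow the published WMF format; the function names and sample bytes are constructed for illustration.

```python
import struct
from pathlib import Path

PLACEABLE_KEY = b"\xd7\xcd\xc6\x9a"  # placeable-WMF magic 0x9AC6CDD7, little-endian
PLACEABLE_LEN = 22                    # size of the optional placeable header
IMAGE_EXTS = {".wmf", ".jpg", ".jpeg", ".gif", ".tif", ".tiff"}


def _is_meta_header(buf: bytes) -> bool:
    """True if buf starts with a standard WMF META_HEADER."""
    if len(buf) < 6:
        return False
    ftype, header_words, version = struct.unpack_from("<HHH", buf)
    # Type 1 = memory, 2 = disk; header is 9 words; version 0x0100 or 0x0300.
    return ftype in (1, 2) and header_words == 9 and version in (0x0100, 0x0300)


def looks_like_wmf(data: bytes) -> bool:
    """Identify WMF content by its header, ignoring the file name."""
    if data.startswith(PLACEABLE_KEY):
        return _is_meta_header(data[PLACEABLE_LEN:])
    return _is_meta_header(data)


def find_wmf_content(root):
    """Return (path, disguised) for each image-named file under root holding WMF data."""
    hits = []
    for path in sorted(Path(root).rglob("*")):
        if not path.is_file() or path.suffix.lower() not in IMAGE_EXTS:
            continue
        with path.open("rb") as fh:
            head = fh.read(PLACEABLE_LEN + 6)
        if looks_like_wmf(head):
            # disguised = WMF content under a non-.wmf extension
            hits.append((path, path.suffix.lower() != ".wmf"))
    return hits


# Constructed sample headers for testing (not real image files).
SAMPLE_WMF = struct.pack("<HHHIHIH", 1, 9, 0x0300, 9, 0, 0, 0)
SAMPLE_PLACEABLE = PLACEABLE_KEY + bytes(18) + SAMPLE_WMF
SAMPLE_JPEG = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00"
SAMPLE_GIF = b"GIF89a" + bytes(10)

if __name__ == "__main__":
    import sys
    for p, disguised in find_wmf_content(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(("DISGUISED " if disguised else "wmf       ") + str(p))
```

A hit means the file contains WMF data, not that it is malicious; WMF content under a non-wmf extension is the case worth reviewing first.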

References
Microsoft: http://www.microsoft.com/technet/security/advisory/912840.mspx
McAfee: http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=137760