Related information

Microsoft Windows XP/2003 Picture and Fax Viewer / Wine / ME code execution

SYMSA-2006-004 (Full Details): Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution

SYMSA-2006-004: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution

Microsoft Security Bulletin MS06-026 Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (918547)

Microsoft Windows GRE WMF Format Multiple Memory Overrun Vulnerabilities

From:	CERT <cert_(at)_cert.gov>
Date:	07.01.2006
Subject:	US-CERT Technical Cyber Security Alert TA06-005A -- Update for Microsoft Windows Metafile Vulnerability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


                       National Cyber Alert System

                Technical Cyber Security Alert TA06-005A


Update for Microsoft Windows Metafile Vulnerability

  Original release date: January 5, 2006
  Last revised: --
  Source: US-CERT


Systems Affected

    * Systems running Microsoft Windows


Overview

  Microsoft Security Bulletin MS06-001 contains an update to fix a
  vulnerability in the way Microsoft Windows handles images in the
  Windows Metafile (WMF) format.


I. Description

  TA05-362A describes a vulnerability in the way Microsoft Windows
  handles Windows Metafile images. This vulnerability could allow a
  remote attacker to execute arbitrary code. Microsoft Security Bulletin
  MS06-001 contains an update to fix this vulnerability.

  The vulnerability is described in further detail in VU#181038.


II. Impact

  A remote, unauthenticated attacker may be able to execute arbitrary
  code if the user is persuaded to view a specially crafted Windows
  Metafile.


III. Solution

Apply a patch from your vendor

  Install the appropriate update according to Microsoft Security
  Bulletin MS06-001.


Appendix A. References

    * Microsoft Security Bulletin MS06-001 -
      <http://www.microsoft.com/technet/security/Bulletin/MS06-001.mspx>

    * US-CERT Vulnerability Note VU#181038 -
      <http://www.kb.cert.org/vuls/id/181038>

    * US-CERT Technical Cyber Security Alert TA05-362A -
      <http://www.us-cert.gov/cas/techalerts/TA05-362A.html>


____________________________________________________________________

  The most recent version of this document can be found at:

    <http://www.us-cert.gov/cas/techalerts/TA06-005A.html>
____________________________________________________________________

  Feedback can be directed to US-CERT Technical Staff. Please send
  email to <cert@cert.org> with "TA06-005A Feedback VU#181038" in the
  subject.
____________________________________________________________________

  For instructions on subscribing to or unsubscribing from this
  mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________

  Produced 2006 by US-CERT, a government organization.

  Terms of use:

    <http://www.us-cert.gov/legal.html>
____________________________________________________________________



Revision History

  January 5, 2006: Initial release



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBQ72ZA30pj593lg50AQLAqgf/Wwj2V0SfgA61RdAw1H8GxAaWjb3Hsuix
8DMAcZv8yITiZLkt2JD/d1piq28v0o23g0TR2I2F5sj+8GsfkmYGLOGkoqYJ4v+0
8yD3JZIxwcR+OJlA29HZebBHUNR00QBUQEb369QK9mntVqUZ/XKGiW05mQPODwhr
rFJQy3hB54evEGltScn4wTzzEB2YsSShKlBCAPOVLocLUNIZ1X60n234fe0YLABK
IUpDp6g/CrDmQ3fQYLfBGQQD462NIdccYzeYNARCOSR77dHbPYAiMvNQiiJSvrEp
4Iz2Gkm0T+jA9o4SgmkuYOtA/+3XaWXDgUP3d6Kwfo4cm9LzciF+vQ==
=GfKm
-----END PGP SIGNATURE-----