More on the Windows Meta File exploit



December 29th, 2005

Here are a few more interesting and useful links about the Windows Meta File exploit recently discovered in Windows.

First is an advisory from Microsoft - Security Advisory (912840) Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution.

Here Avery J. Parker gives some insight into the exploit based on his experiences with it on a "virtual" PC.

Here are a couple of interesting posts from the Sunbelt Blog (here and here).

My advice is for everyone to apply the workaround (detailed here) and for you to stay away from untrusted websites and disable images in email (if you are an Outlook user I suggest downloading AttachmentOptions for Outlook from Slovak Technical Services and use that to switch to plain text emails).

Also, some coverage at Security Fix.

This entry was posted on Thursday, December 29th, 2005 at 11:50 and is filed under PC Doctor's Useful Links, Stay Secure. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

One Response to “More on the Windows Meta File exploit”

  1. Jason’s weblog » Windows Vulnerability Says:

    [...] links: http://blogs.washingtonpost.com/securityfix/2005/12/update_on_the_c.html http://www.microsoft.com/technet/security/advisory/912840.mspx http://www.pcdoctor-guide.com/wordpress/?p=2034 [...]