Microsoft to fix .wmf Windows flaw

Posted on 4 Jan 2006 at 10:56

Microsoft says it has come up with a fix for the vulnerability exposed in the graphics rendering engine between Christmas and the New Year.

As we reported yesterday a new strain of virus has appeared which means that a specially designed Windows Metafile (wmf) could be used to gain access to a machine and take control. The situation is worsened by the fact that source code for the exploit has been published on the Internet and that the virus changes itself when it replicates, making it harder for it to be detected by traditional signature-based security software.

Microsoft says that its own security swat team has come up with a security update for the vulnerability and plans to release the update on 10 January - the first 'Patch Tuesday' of the year.

The update will be released worldwide simultaneously in 23 languages for all affected versions of Windows and will be available through all the usual channels including the Download Centre, Microsoft Update and Windows Update. The company also says that subscribers to Windows' Automatic Updates feature will get the fix automatically.

While the Windows community is anxious that their unpatched machines may remain vulnerable for almost another week Microsoft is anxious to assure everyone that it is not being complacent. The company says has been carefully monitoring the attempted exploitation of the WMF vulnerability since it became public. The company says that while it regards the issue as 'serious' and recognised that malicious attacks are being attempted the scope of the attacks are not widespread.

In the meantime, the company points out that machines can only be infected by opening maliciously crafted links on web pages or emails and warns users to be extra careful. The company also says that the feedback it is getting from anti-virus companies indicate that attacks based on exploiting the WMF vulnerability are being mitigated through up-to-date signatures.

Author: Steve Malone