Microsoft has issued a warning about a new vulnerability in the Windows Meta File (WMF) image format that affects older versions of Internet Explorer.
The vulnerability exists in IE 5.5 running on Windows 2000 and IE 5.01 on Windows ME.
Users of IE 6 or other Windows versions are not affected by this vulnerability, Microsoft emphasised in a security advisory. Roughly five per cent of the world's computers run IE 5.
While the vulnerability is new, it behaves in a similar way to the WMF flaw that Microsoft was forced to patch last month.
The vulnerability could allow an attacker to take control of a system through a specially crafted WMF image posted on a website or sent through a spam email.
Microsoft was forced to publish an out-of-cycle security update in January to plug a first WMF vulnerability that affected all Windows versions. Attackers were actively exploiting the flaw at the time of the Microsoft patch release
0
NEW WMF threat in Internet Explorer
Started by
Neon
, Feb 13 2006 12:44 PM
No replies to this topic
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users
