MS: A few thoughts on the WMF vulnerability

Based on our investigation, this exploit code could allow an attacker to execute arbitrary code on a userís system by hosting a specially crafted WMF image on a malicious Web site. We have determined that an attacker would have no way to force users to visit such a malicious Web site. Instead, an attacker would have to persuade someone to visit the Web site, typically by getting them to click a link that takes them to the attacker's Web site.

We have been asked a number of times whether this vulnerability can be exploited via email. I want to be very clear in the response so all users can understand the situation. In an e-mail based attack, customers would have to be persuaded to click on a link within a malicious e-mail or open an attachment that exploited the vulnerability. In both the web and e-mail based attacks, the code would execute in the security context of the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Welcome to the Microsoft Security Response Center Blog! : A few thoughts on the WMF vulnerability

Linked by shanmuga Saturday, 31st December 2005 6:11AM