WMF: Major Revision In Vulnerable System List


.......Except for Windows XP and Windows Server 2003, no Windows versions, in their default configuration, have a default association for WMF files, and none of their Paint programs or any other standard programs installed with them can read WMF files. One ironic point to conclude is that not until their most recent operating system versions did Microsoft include a default handler - the Windows Picture and Fax Viewer - for what has been, for years, an obsolete file format. And now it comes back to bite them.

Therefore only consider applying the Guilfanov patch on Windows XP and Windows Server 2003. On other platforms, unless you have installed your own vulnerable default handler for WMF files, the likelihood of compromise even when a system is bombarded with malicious WMFs is low. Major Revision In Vulnerable System List

Linked by shanmuga Tuesday, 3rd January 2006 5:42AM