Microsoft has issued a patch that addresses three critical security vulnerabilities in the way that its operating system processes Windows Metafile images. The patch, called Windows Update MS05-053, was released Tuesday as part of the Redmond, Washington, company's monthly security update process.
The Metafile vulnerabilities, which affect most versions of Windows, could theoretically be exploited to allow an attacker to shut down or even gain control of an unpatched system by tricking a user into viewing a maliciously formatted Metafile image.
Windows Metafile is a graphics format used by some CAD (computer-aided design) applications. Files that use this format have either a .wfm or .emf extension, according to a spokeswoman for Microsoft's public relations agency.
Though the vulnerabilities are rated "critical" by Microsoft, they may not be widely exploited, according to Neel Mehta, team lead of Internet Security Systems' X-Force group. "There's still some user interaction required to exploit these issues, so we expect to see them used in the more sophisticated targeted attacks that we see, but it's unlikely that they'll be used in a widespread attack," he said.
The most likely way for an attacker to take advantage of these bugs would be by sending e-mail with a malicious graphic and hoping that it would be opened in Microsoft Outlook's preview pane. Attackers could also trick users into viewing such an image on a Web site, Mehta said.
The bugs are similar to one that was patched in Macromedia's Flash player earlier this week. That flaw, also rated critical, could be exploited in Macromedia Flash files, which have the extension .swf.
The Windows Metafile problems affect virtually all supported versions of Windows, according to Microsoft's statement. Windows 98, Windows 98 Second Edition and Windows Millennium Edition are not affected, the statement said.
Microsoft's November Security Bulletin can be found here: http://www.microsoft.com/technet/security/bulletin/ms05-nov.mspx
Macromedia's alert can be found here: http://www.macromedia.com/devnet/security/security_zone/mpsb05-07.html