The patch fixes a bug in how Windows' graphic rendering engine processes Windows Meta File images.
Microsoft on Friday released the first security update for Windows Vista, the Redmond, Wash.-based developer's next-generation flagship OS that's touted as ultra secure.
The patch fixes a bug in how Windows' graphic rendering engine processes Windows Metafile (WMF) images. That bug was first discovered in late December 2005 and was quickly exploited by hackers to infect systems with spyware, adware, and other malicious code.
The Jan. 5 out-of-cycle WMF security fix from Microsoft didn't--and still doesn't--list Vista among the flawed, but with the posting of patches it's clear that the same "SetAbortProc" function at the root of the WMF bug exists in Vista.
In the update documentation Microsoft said only that "A remote code execution security issue has been identified in the Graphics Rendering Engine that could allow an attacker to remotely compromise your Windows-based system and gain control over it." That language, however, closely matches what Microsoft wrote in its MS06-001 security bulletin, where it said "a remote code execution vulnerability exists in the Graphics Rendering Engine because of the way that it handles Windows Metafile (WMF) images."
These are the first fixes issued for the still-in-development Windows Vista.
The Business of Going DigitalDigital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.