Update: More Unpatched Bugs Loose In Microsoft Windows Meta File
Microsoft released its WMF patch just days ago, but multiple unpatched memory-corruption vulnerabilities remain. Symantec is warning users to disable the Windows Picture and Fax Viewer application.
Just days after Microsoft rushed out a patch for a bug in Windows Metafile (WMF) image processing, a security company has warned customers that multiple memory corruption vulnerabilities in the same rendering engine could leave users open to attack.
"An attacker may leverage these issues to carry out a denial-of-service attack or execute arbitrary code," Symantec said in a vulnerability alert issued through its DeepSight Management System.
- Why Rational Development Solutions for Power?
- 2012 IBM Chief Information Security Officer Assessment
The bugs may be associated with the one patched Thursday by Microsoft, but they involve different functions of the Windows WMF rendering engine, added Symantec, which highlighted the various values and structures within the engine which could be exploited.
"Reports indicate that these issues lead to a denial-of-service condition, however, it is conjectured that arbitrary code execution is possible as well," the Symantec alert went on.
If true, the dangers of these new vulnerabilities are identical to the flaw that Microsoft fixed last week. Like that bug, these newly-discovered vulnerabilities can be exploited with a maliciously-crafted WMF file that's posted on a Web site, opened from an e-mail attachment, or launched with Microsoft or third-party image applications.
Other similarities between these vulnerabilities and the one recently patched exist, Symantec continued. "As with other vulnerabilities related to the WMF format, it's noted that viewing a malicious file in Windows Explorer may automatically trigger these issues. An attack may name a malicious WMF file using other common picture file extensions such as .gif, .jpg, .png, or .tif to trigger these issues."