Archived Content
In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.Microsoft Windows Metafile Vulnerability
Systems Affected
- Microsoft Windows
Overview
Microsoft has released an update that addresses a critical vulnerability in Windows Metafile images.
Solution
Apply Updates
Microsoft has released a security update for a Windows Metafile image vulnerability. To obtain the update, visit the Microsoft Update web site. US-CERT also recommends enabling
Automatic Updates.
Description
Microsoft Security Bulletin MS06-001 addresses a vulnerability in Windows Metafile (WMF) images. This vulnerability may allow an attacker to take control of your computer or cause it to crash. For more technical information, see US-CERT Technical Cyber Security Alert TA06-006A.
References
- US-CERT Technical Cyber Security Alert TA06-005A - <http://www.us-cert.gov/cas/techalerts/TA06-005A.html>
- US-CERT Vulnerability Note VU#181038 - <http://www.kb.cert.org/vuls/id/181038>
- Microsoft Security Bulletin Summary for January 2006 - <http://www.microsoft.com/technet/security/bulletin/ms06-jan.mspx>
- Microsoft Security Bulletin MS06-001 - <http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx>
- Microsoft Update - <https://update.microsoft.com/microsoftupdate/>
- Security Essentials - <http://www.microsoft.com/athome/security/protect/default.aspx>
Feedback can be directed to the US-CERT Technical Staff.
Revision History
-
January 5, 2006: Initial release
Last updated
This product is provided subject to this Notification and this Privacy & Use policy.