US-CERT Cyber Security Alert SA06-005A -- Microsoft Windows Metafile Vulnerability

National Cyber Alert System

Cyber Security Alert SA06-005A

Microsoft Windows Metafile Vulnerability

Original release date: January 5, 2006
Last revised: --
Source: US-CERT

Systems Affected

Microsoft Windows

Overview

Microsoft has released an update that addresses a critical vulnerability in Windows Metafile images.

Solution

Apply Updates

Microsoft has released a security update for a Windows Metafile image vulnerability. To obtain the update, visit the Microsoft Update web site. US-CERT also recommends enabling Automatic Updates.

Description

Microsoft Security Bulletin MS06-001 addresses a vulnerability in Windows Metafile (WMF) images. This vulnerability may allow an attacker to take control of your computer or cause it to crash. For more technical information, see US-CERT Technical Cyber Security Alert TA06-006A.

References

US-CERT Technical Cyber Security Alert TA06-005A - <http://www.us-cert.gov/cas/techalerts/TA06-005A.html>

US-CERT Vulnerability Note VU#181038 - <http://www.kb.cert.org/vuls/id/181038>

Microsoft Security Bulletin Summary for January 2006 - <http://www.microsoft.com/technet/security/bulletin/ms06-jan.mspx>

Microsoft Security Bulletin MS06-001 - <http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx>

Microsoft Update - <https://update.microsoft.com/microsoftupdate/>

Security Essentials - <http://www.microsoft.com/athome/security/protect/default.aspx>

Feedback can be directed to the US-CERT Technical Staff.

Produced 2006 by US-CERT, a government organization. Terms of use

Revision History

January 5, 2006: Initial release

Last updated February 11, 2008

US-CERT: United States Computer Emergency Readiness Team

Information For

Sign Up

Reporting