Check Point Advisories

Preemptive Protection against Graphics Rendering Engine Vulnerability (MS06-026)

Check Point Reference: CPAI-2006-063
Date Published: 13 Jun 2006
Severity: Critical
Last Updated: Tuesday 15 May, 2007
Source: Microsoft Security Bulletin MS06-026
Industry Reference:CVE-2006-2372
Protection Provided by:
Who is Vulnerable? Microsoft Windows 98
Microsoft Windows 98 Second Edition (SE)
Microsoft Windows Millennium Edition (Me)
Vulnerability Description A vulnerability exists in the way Microsoft Windows handles specially crafted WMF files. WMF is an image format used in many Windows programs including Internet Explorer and Outlook. By persuading a user to open a specially crafted WMF image file, an attacker may be able to take complete control of an affected system.
Update/Patch AvaliableMicrosoft has provided a patch against this vulnerability: http://www.microsoft.com/technet/security/Bulletin/MS06-026.mspx.
Vulnerability DetailsA Windows Metafile (WMF) image is a 16-bit metafile format that can contain both vector information and bitmap information. This image format is optimized for the Windows operating system. An attacker could exploit this vulnerability by creating a malicious Web page or a specially crafted attachment in e-mail and then persuading the user to visit the page or open the attachment.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK