• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • UC Berkeley
  • Berkeley Engineering
  • EECS

Header Search Widget

IRIS

Instructional & Research Information Systems

  • About Us
  • Get Started
  • Get Help
  • FAQ
    • FAQ: Accounts
    • FAQ: EECS Slack
    • FAQ: File Storage
    • FAQ: Hardware
    • FAQ: MacOS
    • FAQ: Mail
    • FAQ: Mailing Lists
    • FAQ: Network
    • FAQ: Security
    • FAQ: Unix
    • FAQ: Web
    • FAQ: Windows
  • Services
    • Accounts
    • Backups
    • E-mail
    • EECS Login Servers
    • File Storage
    • Infrastructure
    • Mailing Lists
    • Network
    • Printing
    • Room Reservations
    • Security
    • Software
    • Unix
    • Web
  • Policies
  • Forms
    • System Registration/Update
    • Account Request Form
    • Network Problem Report
    • SSL Certificate Request
    • All Other Forms
  • Rates

Microsoft Windows Metafile (WMF) Handling Vulnerability Advisory

January 5, 2006 by Mark Kraitchman

A vulnerability in Microsoft Windows Metafile (WMF) handling was discovered in December. This vulnerability affects all versions of Microsoft Windows. Microsoft is working on a patch.

This vulnerability could let an intruder take complete control of your system, install spyware and attack other systems. Exploit code has been publicly posted and systems are being compromised, including as of Monday January 2, 2006 41 systems on campus of which 2 were in EECS.

Systems are vulnerable to WMF exploits via malicious web pages, malicious email attachments and malicious attachments in instant messaging.





For more info please see http://idsg.EECS.Berkeley.EDU/security/wmf.html

UPDATE

[2006-01-05 13:43:45 | Emrys Ingersoll, IDSG]

Microsoft has released a patch fixing the Windows Metafile (WMF) vulnerability. The patch is available via the “Windows Update” website and IDSG recommends applying it as soon as possible.


For more information, please see Microsoft Security Bulletin MS06-001.

Filed Under: News

Primary Sidebar

IRIS Service Status

Green
We have 0 Active Incidents, and 0 Scheduled Maintenances noted.

IST Service Status

Outages to campus services are listed at berkeley.statusdashboard.com.

Recent Highlights

IT Support During Winter 2022 Energy Curtailment

December 7, 2022 by Lars Rohrbach

Upcoming Change to EECS Firewall Handling of SSH

September 22, 2022 by Lars Rohrbach

  • About
  • Contact
  • PRIVACY
  • ACCESSIBILITY
  • NONDISCRIMINATION

© 2022–2023 UC Regents  |  Log in