A vulnerability in Microsoft Windows Metafile (WMF) handling was
discovered in December. This vulnerability affects all
versions of Microsoft Windows. Microsoft is working on a patch.
This vulnerability could let an intruder take complete control of
your system, install spyware and attack other systems.
Exploit code has been publicly posted and systems are being
compromised, including as of Monday January 2, 2006 41 systems
on campus of which 2 were in EECS.
Systems are vulnerable to WMF exploits via malicious web pages,
malicious email attachments and malicious attachments in instant messaging.
For more info please see
http://idsg.EECS.Berkeley.EDU/security/wmf.html
[Read more…] about Microsoft Windows Metafile (WMF) Handling Vulnerability Advisory