Critical Vulnerability: MS06-01 Microsoft .WMF (912840)

FNAL Critical Vulnerability
Platform: Microsoft 98, ME, Windows 2000, Windows XP, Windows 2003
Exploitation: Viewing of malformed graphics (.WMF) images
Patch By: 01/11/2006 01/07/2006

A new critical flaw has been discovered in the Microsoft Windows operating system through the rendering of WMF images. The attack vectors range from HTML email, images hosted on malicious web sites, instant messaging clients and recently, malicious images posted to community forums such as message boards, discussion forums and blogs. This flaw affects not only Internet Explorer, but Mozilla packages, various email clients, folder browsing, third party applications and other applications which use the built in image viewing or preview functions of Microsoft Windows.

At this time, no official Microsoft patch exists. An official patch is to be released on Tuesday, January 10. An official patch was released on Thursday January 5 2006. Because of the numerous and ever developing exploitation avenues, this flaw is declared critical, and is to be patched per the following schedule:

Windows desktops: Wednesday, January 11, 2005 5:00pm
Windows servers: Wednesday, January 11, 2005 9:00pm
All Windows systems are to be patched by end of day Saturday, January 7 2006

It is suggested you download the patch as soon as it is available to test and report of any problems caused from the installation.

There have been a few published workarounds, including an unofficial patched produced outside of Microsoft. None of the workarounds completely protect you from the ever growing attack vectors, so implementation of these workarounds are at your own risk. Antivirus vendors are constantly updating their signatures to detect the many variants being produced, so it is strongly recommended to have your antivirus clients checking for updates frequently throughout the day.

More information can be found at
http://www.microsoft.com/technet/security/advisory/912840.mspx