MS Discloses Limited WMF Vulnerability

Microsoft disclosed another Windows Metafile (WMF) vulnerability Tuesday, saying an attacker could execute code as the logged-in user. The company discovered four ways that the flaw could be exploited, however it stressed the latest flaw is very limited in scope.

Only users of Internet Explorer 5.01 Service Pack 4 on Windows 2000 Service Pack 4 and Internet Explorer 5.5 Service Pack 2 on Windows Millennium are affected by the problem, Microsoft said.

An attacker would be able to exploit the flaw by hosting a specially crafted WMF file on a Web site, convincing a user to open a specially crafted e-mail attachment, convincing a user to click on a link in an e-mail, or by the user viewing specially crafted e-mail in the preview pane of Outlook Express.

There is no way for an attacker to force a user to visit a malicious Web site, Microsoft said, which means the attacker would have to coerce the user to do so. The same would go for an e-mail based attack as well. The company said it would continue its investigation and provide further guidance if needed.

"Upon completion of this investigation, Microsoft will take appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs," the company said in an advisory.

As a security precaution, Microsoft advises users to follow the security procedures of enabling a firewall, applying software updates and installing antivirus software.