[Studenttech.announce] Critical Windows Update - WMF vulnerability

Sally Bradt sbradt at d.umn.edu
Fri Jan 6 09:41:06 CST 2006


Date: 1/6/2006

Critical Windows Update : WMF vulnerability

* * Summary:		

Microsoft has released a critical update that patches the WMF 
vulnerability in all Windows computers.  This is considered to be a 
serious vulnerability as it does not require any user interaction to 
infect a computer -  the WMF vulnerability uses images (WMF images) to 
execute arbitrary code. It will execute just by viewing the image. In 
most cases, you don't have click anything.

* * Recommendation:

ITSS recommends that all Windows computers be patched ASAP by running 
Windows Update.  (See "Using the Windows Update Service" for details:
	<http://www.d.umn.edu/itss/security/win-update.html>

If you previously installed the unofficial patch and/or unregistered 
the affected DLL, follow the steps listed here:
	<http://www.d.umn.edu/itss/news/2006/wmf-steps.html>

* * If you need assistance:

     Contact the ITSS Help Desk at x8847.

* * For more information:
     Microsoft Security Bulletin MS06-001:
 
<http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx>

      SANS ICS - WMF FAQ:
          <http://isc.sans.org/diary.php?storyid=994>






_______________________________________________
  Sally Bradt                                         sbradt at d.umn.edu
  ITSS 
x8856
  University of Minnesota Duluth                    159 MWAH
-----------------------------------------------------------------------



More information about the Studenttech.announce mailing list