[Studenttech.announce] Critical Windows Update - WMF vulnerability
Sally Bradt
sbradt at d.umn.edu
Fri Jan 6 09:41:06 CST 2006
Date: 1/6/2006
Critical Windows Update : WMF vulnerability
* * Summary:
Microsoft has released a critical update that patches the WMF
vulnerability in all Windows computers. This is considered to be a
serious vulnerability as it does not require any user interaction to
infect a computer - the WMF vulnerability uses images (WMF images) to
execute arbitrary code. It will execute just by viewing the image. In
most cases, you don't have click anything.
* * Recommendation:
ITSS recommends that all Windows computers be patched ASAP by running
Windows Update. (See "Using the Windows Update Service" for details:
<http://www.d.umn.edu/itss/security/win-update.html>
If you previously installed the unofficial patch and/or unregistered
the affected DLL, follow the steps listed here:
<http://www.d.umn.edu/itss/news/2006/wmf-steps.html>
* * If you need assistance:
Contact the ITSS Help Desk at x8847.
* * For more information:
Microsoft Security Bulletin MS06-001:
<http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx>
SANS ICS - WMF FAQ:
<http://isc.sans.org/diary.php?storyid=994>
_______________________________________________
Sally Bradt sbradt at d.umn.edu
ITSS
x8856
University of Minnesota Duluth 159 MWAH
-----------------------------------------------------------------------
More information about the Studenttech.announce
mailing list