Windows WMF security vulnerability

Cardbox is not affected by this vulnerability.

3-Jan-2006 08:44

A new security hole has been reported that potentially affects all Windows systems when they try to display images that have been specially designed by a malicious attacker. The vulnerability can lead to the attacker taking over your computer entirely. More details are given at the end of this email.


The attacking images use the programming features of Microsoft's WMF format. Cardbox has not been designed to read images in WMF format and so cannot activate an infection.

When it imports images in another image format - for example, GIF, JPEG, TIFF, and PDF - Cardbox does so on its own, without the assistance of Windows. Thus it cannot trigger any virus infection that depends on bugs in Windows.


The attacking image can arrive in an email or come from a maliciously designed web page. The filename of the image can end in something innocuous such as GIF or JPG: this is because Windows, when it displays an image, checks the true format of the image rather than its filename. So if the disguised "GIF" or "JPG" image is in fact in WMF format, Windows will treat it as being in WMF format and will infect itself automatically when it tries to display the image.
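
Because the filename is no guide, a defender can apply the same test Windows does and look at the first bytes of each file. The following is an added example, not code from Cardbox or Microsoft: it flags files whose content begins with a WMF header but whose extension says otherwise. The function names, file names and sample bytes are constructed for illustration; the samples are empty metafiles containing only a header and an end-of-file record.

```python
import os
import struct

PLACEABLE_KEY = 0x9AC6CDD7      # magic of the optional 22-byte "placeable" WMF header
WMF_EXTS = {".wmf"}

def _is_meta_header(buf):
    """True if buf starts with a plausible 18-byte WMF META_HEADER."""
    if len(buf) < 18:
        return False
    ftype, header_words, version = struct.unpack_from("<HHH", buf, 0)
    # Type 1 = memory, 2 = disk; header is 9 words; version 0x0100 or 0x0300.
    return ftype in (1, 2) and header_words == 9 and version in (0x0100, 0x0300)

def sniff_wmf(data):
    """Classify content as 'placeable' or 'standard' WMF, or None."""
    if len(data) >= 4 and struct.unpack_from("<I", data, 0)[0] == PLACEABLE_KEY:
        return "placeable" if _is_meta_header(data[22:]) else None
    return "standard" if _is_meta_header(data) else None

def disguised_wmf(filename, data):
    """True when the content is WMF but the extension claims otherwise."""
    ext = os.path.splitext(filename)[1].lower()
    return sniff_wmf(data) is not None and ext not in WMF_EXTS

def audit(files):
    """Return sorted names of mislabelled WMF files in a {name: bytes} mapping."""
    return sorted(n for n, d in files.items() if disguised_wmf(n, d))

# Constructed samples: an empty metafile (header + EOF record), no drawing records.
_META = struct.pack("<HHHIHIH", 1, 9, 0x0300, 12, 0, 3, 0) + struct.pack("<IH", 3, 0)
_PLACEABLE_20 = struct.pack("<IH4hHI", PLACEABLE_KEY, 0, 0, 0, 100, 100, 1440, 0)
_CHECKSUM = 0
for _w in struct.unpack("<10H", _PLACEABLE_20):   # XOR of the first ten words
    _CHECKSUM ^= _w
SAMPLES = {
    "holiday.jpg": _META,                                              # WMF named .jpg
    "logo.gif": _PLACEABLE_20 + struct.pack("<H", _CHECKSUM) + _META,  # placeable WMF named .gif
    "chart.wmf": _META,                                                # honestly labelled WMF
    "photo.jpg": b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x00" * 16,   # JPEG signature
    "anim.gif": b"GIF89a" + b"\x00" * 20,                              # GIF signature
}

if __name__ == "__main__":
    for name in audit(SAMPLES):
        print("content is WMF despite its name:", name)
```

A header match is a heuristic for triage: it shows that a file would be treated as WMF, not that it is malicious.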


http://msnbc.msn.com/id/10684853/ - a report from the Financial Times.

http://blogs.guardian.co.uk/askjack/2006/01/imortant_windows_wmf_metafile.html - a report from the Guardian, giving more technical details and recommendations for protecting your computer.

http://www.techworld.com/security/news/index.cfm?NewsID=5070 - a report from TechWorld.

