'Critical' Patch Released For Windows November Batch Patches 3 Vulnerabilities
Microsoft (Quote, Chart) has released a bulletin for a Windows patch labeled critical.
The security bulletin addresses three vulnerabilities, each affecting the graphics rendering engine in Windows 2000, Windows XP SP1/SP2, Windows Server 2003, and Windows Server 2003 SP1. The bulletin's number is MS05-053.
The main culprit behind this security bulletin is a critical vulnerability in the Windows rendering engine. Any program rendering a Windows Metafile (WMF) or Enhanced Metafile (EMF) image is open to attack by malware (define) writers.
WMF and EMF are two graphics file formats used in Windows; WMF is for 16-bit computing and EMF is for 32-bit systems; the two file formats hold vector and bitmap graphics information when they are exchanged between applications.
If the WMF image is compromised by an attacker it leaves the system open to remote manipulation, allowing them to add, delete or modify files on the computer. If the EMF image is attacked, it could open the system up to a denial-of-service attack (define), eventually crashing the machine.
While the graphics rendering engine vulnerability is a critical fix for the five operating system versions mentioned in the bulletin, not every system is affected by the particular image file formats. The WMF vulnerabilities, for example, don't affect Windows XP SP2 and Windows Server 2003 SP1 users.
As is the case with most vulnerabilities, the only way to open yourself to attack is to open a file or folder with the altered image, view an HTML e-mail message or to visit a Web site with an image containing an exploit to the vulnerability.
Officials said in the security bulletin they have not found, nor have been informed of, any exploits in the wild targeting this vulnerability.
The company also released updated virus definitions for the Microsoft Windows Malicious Software Removal Tool (v1.10). On Monday, Microsoft renamed its anti-spyware offering, Windows AntiSpyware, to Microsoft Defender.
The Redmond, Wash., software giant releases security vulnerabilities affecting its software on the second Tuesday of every month, popularly known as Patch Tuesday.
