Just days after Microsoft patched a critical vulnerability in the way the Windows operating system renders certain types of graphics files, a hacker has published details of two new flaws that affect the same part of the operating system. The new vulnerabilities were posted to the Bugtraq security mailing list today by a hacker using the name "cocoruder."
PCWorld – Two New Windows Metafile Bugs Found
A Microsoft spokesperson insists the publicly released code can simply cause a denial-of-service crash.
"As it turns out, these crashes are not exploitable but are instead Windows performance issues that could cause some WMF applications to unexpectedly exit. These issues do not allow an attacker to run code or crash the operating system. They may cause the WMF application to crash, in which case the user may restart the application and resume activity," said Lennart Wistrand, lead security program manager in the MSRC (Microsoft Security Response Center).
In a blog posting, Wistrand said Microsoft had already identified the issues as part of its ongoing code maintenance and is evaluating them for inclusion in the next service pack for the affected products.
PCMag – New Batch of WMF Flaws Flagged
» Microsoft Q&A: Windows Vista Released to Manufacturing
» Microsoft Starts Vista Coupon Plan This Week
» Microsoft Fixes Security Flaws – Sets New Patch Record
» Porn Sites Exploit New Internet Explorer Flaw – Patch Due Oct 10
» Windows Vista Beta 1 vs. Mac OS X
» Microsoft Warns of Windows Image-Handling Flaw
» Microsoft Warns of Critical Windows Flaws – Patch Available Sep 13th
» Netscape 8.0.2 Released
» Microsoft: 5 New Software Security Flaws
» Microsoft Issues Patches for 7 Software Flaws
» Microsoft Warns of 22 New Security Flaws
» Microsoft Responds to ‘SP2 Security Center Issue’
» Seven MS Security Bulletins & Patches – Plus Four New IE Vulnerabilities
» Microsoft Warns Of Widespread Windows Flaw – Patch Released
» Microsoft Releases Early Cumulative IE Patch – Phishing Flaw Fixed
del.icio.us
Digg
Furl
Netscape
Yahoo! My Web
StumbleUpon
Google Bookmarks
Technorati
BlinkList
Newsvine
ma.gnolia
reddit
Windows Live
Tailrank
