Wednesday, January 11, 2006

Microsoft facing problems with its Windows Meta File (WMF) image format

Here's a summary of what has happened over the last two weeks...

On December 27, security experts discovered a risk to users from programs that exploit a flaw in the WMF area. The vulnerability allowed hackers to embed malicious software into image files. The so-called malware can insert viruses, worms, and spyware that can steal sensitive information or damage a user’s computer (see Security Breach Hits Windows).

On January 5, Microsoft released a patch ahead of schedule to fix a flaw, succumbing to pressure from security researchers who rated the flaw as critical and criticized the company for not fixing the problem. Microsoft had originally planned to release a patch for the WMF flaw this week as part of its “Patch Tuesday” security bulletin release (see Microsoft to Issue Security Fix).

The patch that Microsoft has already released does not protect users from the latest flaws, said experts.

“These flaws are located in the different part of the WMF area that wasn’t covered by the patch itself,” said Oliver Friedrichs, senior manager, Symantec security response. “Oftentimes we will see patches released that will fix just one vulnerability, and it happens more often than not.”

In the rush to release the patch, Microsoft may have also failed to test the entire code around WMF and look for additional flaws, security experts said.

Complex Area
“WMF file format and the handling of it in Windows is fairly complex,” said Mr. Schmugar. “Microsoft basically rushed the patch out, which did not afford them time to investigate any additional vulnerabilities within the WMF file.”

Microsoft did not answer specific questions about its handling of the WMF issue but pointed to a post on the company’s Security Response Center blog. On the blog, Microsoft employee Lennart Wistrand termed the latest flaws as “Windows performance issues.”

Security experts said it is likely that new flaws relating to the same area will be discovered during the next few weeks. With the attention on the WMF file area, hackers are more likely to dig deeper into the system to find new vulnerabilities, said Mr. Friedrichs.

“We may see quite a few people who are looking for vulnerabilities around this area, so if there are any more flaws we are likely to see them in the near future,” he said.

Microsoft has not commented on when it is likely to release a patch for the two additional flaws but security experts said the company is unlikely to break its schedule again. “The earliest we are likely to see a patch is the first Tuesday of next month,” said McAfee’s Mr. Schmugar.

Cited from RedHerring
