We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

Two new WMF bugs found

Microsoft must do better, expert says

Just days after Microsoft patched a critical vulnerability in the way the Windows operating system renders certain types of graphics files, a hacker has published details of two new flaws that affect the same part of the operating system.

The new vulnerabilities were posted to the Bugtraq security mailing list on Monday by a hacker going by the name of 'cocoruder'.

All three flaws concern the way Windows renders images in the Windows Metafile (WMF) format used by some CAD (computer-aided design) applications, but these latest flaws are far less serious than the vulnerability that Microsoft patched last week, according to security experts. That vulnerability was concerning enough to cause Microsoft to take the unusual step of releasing an early patch to the problem, ahead of its monthly security software update.

While the patched flaw was being exploited by attackers to take control of Windows machines, the latest vulnerabilities appear to pose the risk of simply crashing the WMF-viewing software, typically Internet Explorer. However, users would first need to trick a victim into viewing a specially crafted WMF image in order for this to happen, security experts say.

The vulnerabilities can be found in a number of versions of Windows, including Windows XP, Service Pack 2, Windows Server 2003, Service Pack 1, and Windows 2000, Service Pack 4, according to cocoruder's Bugtraq posting.

Because of the inherent complexity of image formats, there are plenty of opportunities for attackers to find bugs similar to the two that were revealed Monday, said Russ Cooper, senior information security analyst at Cybertrust.

Cooper said that the new WMF vulnerabilities are not a major cause of concern. "New malformed images that simply crash things aren't really that important unless they can be shown to cause code to execute," he said. "This is only getting any attention because it's WMF, and Microsoft just released a WMF patch."

Johannes Ullrich, chief research officer for the SANS Institute, agreed that these type of image problems are fairly common, but said that the fact that so many WMF vulnerabilities have popped up of late – Microsoft fixed three other WMF bugs in November – indicates that the software vendor could be doing a better job of predicting where its security problems might lie.

Microsoft should have been able to catch these latest flaws and fix them with its November patch, Ullrich said. "It really seems to have a problem thinking offensively," he said of Microsoft. "If you don't really look for these vulnerabilities with this offensive mindset, and instead look at it from a programmer's perspective, you just don't find a lot of these things.

"Every month [Microsoft] has one or two image problems it fixes. It's actually kind of surprising it doesn't get exploited more."

A spokeswoman from Microsoft was unable to provide comment for this story.

IDG UK Sites

LG G4 Note UK release date and specification rumours: Samsung Galaxy Note 5 killer could be the LG 3......

IDG UK Sites

In defence of BlackBerrys

IDG UK Sites

Why we should reserve judgement on Apple ditching Helvetica in OS X/iOS for the Apple Watch's San...

IDG UK Sites

Retina 3.3GHz iMac 27in preview: Apple cuts £400 off Retina iMac with new model