Check Point Advisories

Preemptive Protection against WMF/EMF Vulnerabilities (MS07-017)

Check Point Reference: CPAI-2007-041
Date Published: 11 Apr 2007
Severity: Critical
Last Updated: Monday 30 April, 2007
Source: Microsoft Security Bulletin MS07-017
Industry Reference:

CVE-2007-1211
CVE-2007-1212

Protection Provided by:
Who is Vulnerable? Microsoft Windows 2000 SP4
Microsoft Windows XP SP2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows XP Professional x64 Edition SP2
Microsoft Windows Server 2003
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 SP2
Microsoft Windows Server 2003 (Itanium)
Microsoft Windows Server 2003 with SP1 (Itanium)
Microsoft Windows Server 2003 with SP2 (Itanium)
Microsoft Windows Server 2003 x64 Edition
Microsoft Windows Server 2003 x64 Edition SP2
Windows Vista
Windows Vista x64 Edition
Vulnerability Description A remote code execution vulnerability has been discovered in the rendering of Enhanced Metafile (EMF) image format, and a denial of service vulnerability exists in the rendering of Windows Metafile (WMF) image format. WMF and EMF are image formats used in many Windows programs including Internet Explorer and Outlook. By persuading a user to open a specially crafted WMF or EMF image file, an attacker may be able to execute arbitrary code on the affected system.
Update/Patch AvaliableApply patches:
Microsoft Security Bulletin MS07-017
Vulnerability DetailsThe vulnerability is due to an error in Microsoft Windows that fails to properly handle malformed WMF and EMF files. By convincing a user to visit a specially crafted HTML documents or open a malicious web page, a remote attacker could cause a denial of service condition or execute arbitrary code on an affected system. Successful exploitation may allow execution of arbitrary code on a vulnerable system.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK