A fix has been released by Microsoft about a critical image flaw that lets an attacker control a computer if a user viewed a poisoned image in a website or an email in an HTML format.
It is “probably of interest to all customers using Windows,” but that it “probably won’t be reliably exploited,” according to Mike Reavey of Microsoft who is the Security Response Center director of the company.
It involves how the operating system processes WMF and EMF files. The affected versions are Windows 2000, XP, Server 2003 and 2008, and Vista.
Source: PCWorld
