Wednesday, February 08, 2006

You better keep blocking WMF file's

Microsoft has released a new security advisory describing a new vulnerability in older versions of Internet Explorer. Again a 'a specially crafted Windows Metafile (WMF) image' could allow remote code execution.
Still using?:

Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
Internet Explorer 5.5 Service Pack 2 on Microsoft Windows Millennium.

Then you better keep the following 'Body Content type' rules in place:

WMF - 1: (MS06-001) (Also add *.wmf to "URL paths")

WMF - 2:

MS advisory


Post a Comment

<< Home