Threat Center Security News Vulnerability in Windows Metafiles
Vulnerability in Windows Metafiles Print E-mail
Written by Rebecca Mints   
Tuesday, 06 May 2008 18:00

A vulnerability has been discovered that affects Microsoft® Windows® 2000, XP, 2003 Server, Vista and 2008 server operating systems. The vulnerability was discovered by research engineers at SkyRecon. They also said that Stormshield would block against said vulnerability.

According to Senior Research Engineer Thomas Garnier from SkyRecon "the identification of this vulnerability comes from our in-depth analysis of GDI media files format." He also remarked "during our ongoing research on various Windows file formats we found a critical vulnerability which could be used to remotely exploit Windows when user interaction is incorporated. If the vulnerability is exploited, there is a potential for remote code execution."

StormShield Unified Client Security Solution, a SkyRecon product, "provides multi-layered security integrated into single-agent protection with real-time defenses designed to protect an organisation’s endpoints and the sensitive data that resides on them" says Security Park.

Patches or configuration changes are not necessary as the engineers at SkyRecon have determined that StormShield detects and blocks attacks going after the Microsoft vulnerability. The most susceptible to this attack are clients that only use perimeter security technologies, as this attack is remotely executable. For more info please check Microsoft Security Bulletin MS08-021 - Critical Vulnerability.

"Vulnerability research continues to be a critical component in designing generic, effective, and efficient layers of protection for both the system and confidential data," remarked SkyRecon's Director of Research and Development Yann Torrent. "As this vulnerability leaves both workstations and servers at risk, SkyRecon Systems is pleased to inform businesses around the world that our unified endpoint protection solution secures their critical business endpoint systems, protecting them from compromise leveraging StormShield’s integrated buffer overflow protection."

Security Park
Critical Vulnerability Targets Windows Metafiles


WTW Threat Level